The IBM identity and access management products have continued to modernize and scale to provide the industry's most comprehensive IAM solution, a key pillar to any Zero Trust strategy. To raise visibility that our platform is a modernized and comprehensive portfolio, we are excited to unify under a single brand: IBM Security Verify. The heart of our mission is to provide smart identity for the hybrid multicloud world.
IBM Security Verify, formerly IBM Cloud Identity, is IBM’s identity-as-a-service (IDaaS) offering that aggregates dynamic user, device, and environmental context to automate risk protection and continuously authenticate any user to any resource, across both workforce and consumer populations. Identity plays a strategic part in an overall digital transformation, and business are evaluating how they can modernize IAM to address today’s hybrid multicloud challenges. Verify plays a central part in that journey as an IDaaS offering, and we at IBM have committed to this modernization, continually rolling out new platform capability every three weeks. In the last few months alone, we have added several capabilities across three key IAM pillars:
Context is Key
Verify taps into deep contextual insights provided by the fusion of IBM’s fraud protection and access management technology. To support a Zero Trust approach, we believe a smart identity solution should perform an “always verify” step in the background as part of adaptive access, using AI to aggregate a holistic understanding of risk. However, when risk is identified, it should also be logged properly and acted upon immediately. Verify integrates with the IBM Resilient security orchestration, automation, and response platform to automatically create incident response cases when Verify’s adaptive access detects high risk. If remediation is needed, bi-directional integration allows IAM to become a control point to perform identity-related tasks like resetting a password or removing an entitlement.
Cloud IAM should also integrate with an organization’s SIEM to place IAM events in the context of a larger threat monitoring program. Verify now integrates with IBM QRadar through a new DSM to enable out-of-the-box, identity-related event data streaming. This integration will help security teams gain more robust visibility and act against any identity-related threats within their wider ecosystems.
Make Identity Consumable
Developers need to build run-time flows for authentication, give users registration capabilities, and embed MFA into their applications, without necessarily being an IAM expert. To do this efficiently, they need robust APIs and documentation, sample code, and guided instructions. The Verify developer portal offers a wizard-like experience to guide developers through the process of integrating an application step-by-step.
Many organizations leverage open source solutions like Keycloak or Red Hat SSO as their foundation for identity capabilities, although they may reach a point at which full IDaaS capabilities like more advanced authentication methods become necessary. Verify can be extended into Keycloak and Red Hat SSO environments without disrupting application code. Using the Verify extensions, open source users can easily up-level their identity implementations into modern, passwordless experiences.
Comprehensive Capabilities from the Cloud
Regardless of where an organization is on their unique journey to cloud, it goes without saying that “ripping and replacing” IAM infrastructure and starting from scratch typically isn’t an option. While Verify administrators could start fresh in a cloud directory, they can also integrate with existing identity sources using methods like LDAP passthrough authentication with Active Directory or other third-party directories. Similarly, certain legacy on-premises applications are sticking around for the foreseeable future, and businesses need a unified access approach for both their on-premises and cloud apps. Verify includes a lightweight reverse proxy called the IBM Application Gateway as enabling software for protecting on-premises applications from the cloud, all from the same unified launchpad.
Cloud IAM should also bridge gaps in workflows and eliminate siloed solutions. Verify includes governance capabilities alongside its access management use cases to offer a more holistic approach. For instance, it can be difficult for organizations to efficiently meet compliance requirements to recertify that access levels are still appropriate over time. Administrators can now automate recertification campaigns at custom, periodic intervals to facilitate this process.
Introducing IBM Security Verify – Smart Identity for a Hybrid Multicloud World
We believe a truly modern approach to IAM will fully leverage context, be highly consumable, and offer comprehensive breadth of capability, especially as identity continues to play an important role in Zero Trust initiatives.
While this first roll-out of IAM rebranding began with IBM Cloud Identity and IBM Security Access Manager becoming IBM Security Verify and IBM Security Verify Access respectively, other parts of our portfolio will join them soon, coupled with new capability. We are energized to continue working with you on your IAM modernization journey to provide a frictionless and secure experience for every user.