There is one big mistake many organisations make in their approach to application onboarding. This mistake leads to cost blowouts, poor technical governance, slow onboarding agility, and at worst (and we’ve seen it before) the total abandonment of an identity platform transformation.
Before we expose this mistake we need to look at what an app migration strategy can look like and some of the pitfalls we can get caught in before we even begin.
Firstly, businesses are notorious for underestimating the effort that goes into onboarding applications to their new Identity platform. It doesn’t matter which vendor or product type you choose, there’s a lot to think about when planning the migration of existing apps, how to streamline the onboarding process for new apps in the future, and reaching the scale you need for your initiative to be considered successful.
Furthermore, failing to factor in the app onboarding process into the total cost of ownership (TCO) can cause significant headaches to an identity transformation. Organisations often assume this exercise is a one-off event, when nothing could be further from the truth.
Customers get caught up on the ‘standing up’ part of Identity platforms. And to be honest, vendors like this part too, because it establishes their footprint. Customers get distracted with new capability, when really that’s just the beginning. Where the success is truly realised is when all of your applications are onboarded and new apps are enabled with ease. Ultimately, we want a no-fuss and security conscious approach to enabling applications, whether it’s enabling Single Sign-On, Provisioning Identities, Governing Access or Managing Privileged Users.
There’s many methodologies to application onboarding, and often several can be packaged together to meet organisational needs. We’ve listed a few of the high-level approaches below:
- Off The Shelf – ‘Click Ops’
- Ideal for smaller businesses with limited applications to onboard.
- Quick turn around.
- Virtually unlimited access to product capabilities.
- Low quality assurance.
- Higher effort per individual application and minimal efficiency gain.
- Higher chance of misconfiguration which could lead to security exposure.
- API Driven
- Easily re-deploy applications by re-running API calls.
- Allows for peer-review prior to deployment.
- Requires more developer oriented skill set.
- Higher level of repeatability than click-ops.
- DevOps
- High cost in establishing DevOps pipelines.
- More control over application deployments.
- Patternisation of application types puts protections in place against misconfiguration.
- Higher ROI for large amount of apps that need to be onboarded.
- Self-Service
- Great user experience for application teams wanting to onboard.
- Requires high governance oversight.
- Misconfigurations could result in data leaks.
- Ideally used alongside other methodologies.
Now, what’s the big mistake that businesses make?
It’s not selecting or designing a methodology that plays to the strength of your organisation. Without the right approach to app onboarding, unnecessary cost can accrue for every application you onboard. Furthermore, the time to market for applications may not be moving at the speed of you business.
On the flip-side, over-engineering an onboarding strategy that doesn’t suit your organisation may result in an investment of time and effort that will never be recovered.
There are some general considerations that can help drive your strategy selection:
- Does your organisation have an established DevOps platform?
- Does your Identity team have development capability?
- How many applications do you have?
- What is your budget?
- How quickly do you need to enable onboarding for applications?
Here’s a couple of examples of businesses using different strategies:
“Company X is a mid-sized retailer, they have 15 applications which need to be onboarded to their On-Prem Identity Platform for Single Sign-On. Their IT Team is small and consists of SysAdmin skillsets over Developers. New applications are onboarded once ever few months.”
In this case, Company X may be better suited to a Click-Ops model. The investment in a high-maturity onboarding strategy would likely be overkill as efficiency gains are not likely to be recognised.
“Company Y is a mid-sized Fintech organisation. They are planning on migrating to a new SaaS based Identity platform. They currently have 50 applications to onboard, with several new applications to onboard each month. They are expecting high organisational growth over the next 5 years. As a Fintech company they have established DevOps processes and strong developer capability.”
For Company Y, a DevOps onboarding strategy would better suit the organisation. They can use existing skillsets to build onboarding automation, and this will yield a return as the organisation grows and more applications require integration.
App onboarding is the engine room of your Identity uplift efforts. And if your engine isn’t finely tuned to complement your organisation, then the each application that needs to be onboarded could be costing more than it needs to. Because yes, there’s tangible cost associated to every application you onboard.
Where Assertiv Can Help
As a purely Identity focused services company, Assertiv is uniquely skilled in Identity projects of all shapes and sizes. We’ve supported some of the largest identity implementations in the Asia-Pacific region with their application onboarding journey. We’ve also supported some of the smaller, more unique organisations who have their own bespoke onboarding challenges.
Our skill-set covers:
- Strategy and Advisory
- Project Management
- Architecture and Solution Design
- Technical Subject Matter Experts (On both Application and Identity System sides of the fence)
- Non-Production System Integration
- Application and System Testing
- Ongoing Production Support
- DevOps and Development Specialisation
Assertiv can draw upon extensive experience to design an efficient onboarding strategy that maximises the return for your organisation. The range of skills we offer can bridge any capability gaps, from strategy design through to automation development.
Whether you’re thinking about or planning identity transformation, in the thick of onboarding challenges, or looking for advice on how to improve current process, now is the perfect time to work with Assertiv.