We changed our name from IT Central Station: Here's why

Looking for an Identity and Access Management product for an energy and utility organization

Hello everyone,

We are working with an energy and utility client based in the US.

Our suite of applications is Bespoke applications built on Microsoft Stack (.NET, MVC, ASP.NET, .NET core, SQL Server, .NET CORE RESTful services, etc).

We integrate with a host of external vendor products such as Payment Gateway, eKYC vendors, third-party Aggregators, etc.

We are looking to explore an IAM product tool that fits well within our technology landscape.

Primarily, we would have internal employees authenticating and connecting to a host of applications from the Internet and as well as external vendors, partners also connecting to it.

Currently, we have suggested having an external Domain Controller for external users and a separate Domain Controller - for internal users. This way we can have more granular governance, access, and security policies for external and internal users.

In the future, we might expose the authentication using social media as well (such as GMAIL, LI, FB, etc) for guest users.

Please share your advice about an IAM product/solution that fits our requirements and within the Microsoft Technology stack and landscape.

ITCS user
1113 Answers

author avatar

Hello Ram. 

As additional information is required, you can PM me. So I will be able to forward you to the right contact.

author avatar
Top 5Real User

You can also look at the https://www.ubisecure.com/ . They have excellent features when it comes to managing external identities. 

Also, a wide variety of APIs available for integration. 

author avatar
Top 10LeaderboardReal User

Symantec Security suite (previously) called CA Identity Suite is a good IAM solution. The product is very stable and customizable. Plus it has a complete portfolio that includes security features for a customer. 

PLA licenses enable customers to use all product lines without extra charge. 

In case you need any assistance or Proof of value more than happy to assist. 

author avatar

Entrust has a portfolio of Identity solutions that address the apps above: on-prem or cloud-based options and support for external ID such as Google or FB.

author avatar
Top 5Real User

The internal/external domain controller approach could be the right way to go. The internal must already be in place, right?  Microsoft Active Directory (hopefully migrating to Azure Active Directory). Microsoft is the clear market share leader for identity systems so I recommend you start there and figure out why AD/AAD wouldn't work externally.

The downside to two domains is just that; you're identity teams are going to have to master two software stacks.  Granularity and controls sound great, but have you ever tried to create them yet?  Do an internal exercise that would define your access policies and give that list to a shortlist of vendors as an RFP challenge.

author avatar
Top 5Real User

Please check the following IAM solutions:

Okta: Okta | Identity for the internet

Hello ID: HelloID - Cloud: Identity: Access

author avatarEvgeny Belenky
Community Manager

@Michel Timp thanks for your suggestion. Can you please elaborate a bit what outstands those solutions out of others? 

author avatar

Hey Rama, it looks like you are looking for an Access Management solution. 

From my experience, since you are heavily invested in Microsoft, it may be the best solution. It tends to be a bit more complex but adding another vendor would also increase the complexity. Best practice would have you maintain separate directories for employees and customers.

Admittedly, I am biased towards SailPoint. It provides the Governance that you need as a Utility by increasing your visibility and centralized management of your users. I just do not see a similar product today that has the IGA capabilities that you need as well as the integration capabilities to support solutions like Microsoft. The two companies work closely together on the integration

As Occam's razor says - other things equal, explanations that posit fewer entities, or fewer kinds of entities, are to be preferred to explanations that posit more. Pick two market leaders and off you go!

author avatar
Top 5LeaderboardConsultant

@Ram Chenna ​ Sounds like there is a lot of things at play here. 

I would suggest reaching out to a trusted IAM service integrator and you need to get your requirements detailed and prioritized. There are all sorts of options from looking inside the Microsoft Stack at Azure IGA although it isn't as mature as some of the market-leading products like SailPoint, One Identity and Saviynt. 

These products cover the depth of full IGA implementations and help you improve your security controls around access and identity management. We normally spend about 20 days working through client requirements before being able to suggest a specific solution. We recently helped a company in the Australian energy sector leverage a Sailpoint implementation for their internal workforce while assisting them with an Azure B2C/B2B implementation for their external userspace

author avatar
Top 5User

Of course, to have the best Identity and Access Management solution it is recommended to extend the on-premises identities in the Active Directory Domain Services and replicate them to the cloud with the Azure AD. 

There you can integrate all the identities with modern protocols, Single Sign-On, Conditional Access, Multifactor Authentication and Self Service Password Reset.

Also, to register and unsubscribe users based on membership or membership in security groups. This may be authorized by a member or owner of the process or application - all done automatically.

author avatar

@Ram Chenna ​Hi Ram! I would suggest that this is a great place to start https://cpl.thalesgroup.com/si...  

author avatar
Community Manager

Hi @Amimesh Anand, @Matt Thomson, @Alfredo Silva ​and @Chris Derjany.

Can you please chime in into this discussion and share your professional opinion?

author avatarRam Chenna (Blueray Digital Services)
Top 5LeaderboardReal User

@Evgeny Belenky Thanks so much

Find out what your peers are saying about SailPoint, Omada, ForgeRock and others in Identity Management (IM). Updated: January 2022.
564,599 professionals have used our research since 2012.