October 01, 2024
IAM SSO Streamlines Onboarding and Offboarding AWS Users
With industrial IoT and commercial telematics demanding advanced identity management, see how the IAM SSO Federation facilitates just-in-time access.
Protecting data when third parties are involved
47%: percentage of CISOs whose organizations have experienced an identity management attack in the last year [1]
20%: percentage increase in access broker ads on the dark web by threat actors ramping up credential-based attacks [2]
Can robust security coexist with seamless workstreams?
A REAL-WORLD EXAMPLE
A Major Migration Can’t Slow Down for Security
An electronic instrument manufacturer needed assistance with cloud governance and platform engineering to prepare for a major migration from its data center.
Since this work involved multiple third-party vendors and contractors, the manufacturer also needed a secure identity management solution that allowed easy onboarding and offboarding of users to AWS environments. The manufacturer worked with CDW to implement a just-in-time access solution that would be:
- Well architected
- Easy to implement
- Transparent
- Compliant with cybersecurity directives and existing procedural guidelines for onboarding through Microsoft Enterprise Active Directory
THE TURNING POINT
Securely Automating User Access
To automate user provisioning and de-provisioning, CDW helped set up the IAM SSO (Identity and Access Management Single Sign-On) Federation with SCIM (System for Cross-domain Identity Management). This helped establish an accurate record and allowed for just-in-time access — a security strategy that minimizes the risk of unauthorized access by granting permissions only when they’re needed, for a limited time.
Granting access just before it’s needed, and automatically revoking it once the task is completed, reduces the attack surface and limits the window of opportunity for potential breaches.
Leveraging Microsoft Enterprise AD to manage groups, automate onboarding processes and implement MFA (multifactor authentication) kept the manufacturer’s workstreams seamless. It also facilitated AWS access without the need for extensive work or attribute mapping, which had already been completed in previous initiatives.
THE RESULTS
Robust Security that Doesn’t Disrupt Workstreams
With the deployment of the IAM SSO Federation, the instrument manufacturer was able to achieve organizational identity management and access without disrupting any existing onboarding/offboarding automation.
Here’s why it worked:
- CDW helped the manufacturer’s IT team leverage the identity provider (Entra AD) and AWS Organizations’ single sign-on.
- The IAM Identity Center, permission sets and SCIM integration are centrally managed and maintained through a single interface.
- This framework gives users a seamless and secure experience.
What’s next?
With the secure completion of its migration, the instrument manufacturer can now confidently keep pace with the rapid development of industrial IoT and commercial telematics.
“The AWS IAM Identity Center and SCIM integration introduced automation, streamlined provisioning, consistent access control and compliance. It established robust identity management and enhanced security across the entire cloud ecosystem.”
Mike Wiseley, CDW Principal Consultant for Digital Velocity
Sources:
[1] Splunk, “State of Security: The Race to Harness AI,” 2024
[2] CrowdStrike, “2024 Global Threat Report,” data from 2022–23