enterprisesecuritymag

4 Rivers: IAM and PAM Delivered Out of the Box

Johann Belau, Managing Director, 4 RiversJohann Belau, Managing Director The versatility of Identity Access Management (IAM) and Privileged Access Management (PAM) is maximized when these solution sets are delivered in a straightforward packaged solution. Simply because, quite a few customers prefer an easy-to-setup solution, owing to the myriad of internal restrictions that hinder a seamless implementation process. Johann Belau, managing director of 4 Rivers, summarizes one of the many inadequacies faced by end-users when rolling out IAM or PAM based IT infrastructures. “If an administrator were to access a certain asset that he or she would want to work on, they would need to log in to the PAM suite, in addition to the corporate VPN,” highlights Belau. “We have found a workaround to this arduous process by binding all of these processes with Okta Identity Cloud to facilitate easy access of the assets in question by making it comfortable and scalable within the infrastructure.”

Belau’s firm, 4 Rivers, connects the user logs with Okta to conduct such accessibility sessions through PAM, thereby targeting the required asset without the aforementioned hassles of navigation. 4 Rivers circumvents quite such IAM and PAM hurdles, allowing customers to carry out a multitude of business operations, or orchestrate transition processes such as acquisitions or consolidation of data-driven assets across different locations or networks. The company’s functional capabilities ensure that customers need not implement a PAM or IAM solution across each network node or area distributed over multiple regions. Instead, 4 Rivers enables users to centralize PAM or IAM solutions in a defined data centre and interconnect distributed networks and assets through VPNs using Okta Identity Cloud. Collectively, 4 Rivers provides the full range of One Identity’s PAM suite of services—Safeguard—encompassing processes such as planning, proof of concept, installation, upgrades, and migration as well as a care-free managed services.

The Mainz-based company specializes in five keys areas: traditional identity and access management, cloud-based identity and access management, privileged access management, active directory management, and high security mobile VPN Networks. And, in addition to its prolific partnerships with Okta and One Identity, 4 Rivers also adopts Viprinet—a high security mobile VPN network—to address problems such as slow internet bandwidth across off-site locations and mobile use cases.

Improvising on the Merits of Access Management

As an expert that has taken the front row seats to the evolution of access management solutions throughout his career, Belau says that newer PAM solutions such as the One Identity Safeguard have become as good as industry-standard solutions like CyberArk.

It just works out of the box

One Identity Safeguard is considered to be easier to set-up and maintain for customers that do not necessarily require special or sophisticated functions. The less expensive and more straightforward Safeguard solution is pre-packaged with virtual images that require a network configuration and the eventual roll-out. “It just works out of the box,” adds Belau.

Elaborating on the idea of delivering out of the box solutions, Belau recollects the time he worked for One Identity, engaging with large-scale enterprises such as BMW, Deutsche Bank, and more. These clients required a high degree of customization concerning access management. “The amount of customization needed was virtually the equivalent of a new development process. One had to rebuild the software in such a way that none of the preexisting functionalities remained as they were. And clearly, such an approach proved to be unfeasible for smaller companies,” he adds. Businesses that do not require a sophisticated IAM or PAM function set would expect high value out of the box. These companies quite often do not have the necessary budget or the time to accommodate exuberant installation intervals or the workforce to cope with the herculean task. This predicament led Belau to improvise upon the access management status quo, thereby offering identity and access management as an out of the box, virtual solution that could fetch maximum benefit to the client immediately. Such architecture helps clients on the verge of an enterprise transition, which would make projects much more predictable and economical. Moreover, 4 Rivers’ partnership with Okta further enhances the merits of One Identity, mainly owing to the sheer number of functionalities available on the platform while offering a highly intuitive and comfortable interface for clients.

Leading by Example

Quite recently, 4 Rivers engaged with a company that managed around ten powerplants in Germany, tasked with the challenge of consolidating their IT infrastructure. The client sought the introduction of PAM in their IT infrastructure to manage and monitor the portfolio of powerplants. The client had a superficial understanding of their network infrastructure and did not have the necessary network documentation for access management, as the powerplants were added to the client’s infrastructure quite recently. Figuratively, installing a PAM solution on each of the powerplant nodes was unfeasible to the client. To address this challenge, the client worked with 4 Rivers by renting and customizing a data centre with the necessary prerequisites for IAM and PAM functionalities. 4 Rivers connected the powerplants distributed throughout Germany by orchestrating the network through VPN and allowing the administrator or the user to choose the server that needs to be accessed through the PAM solution. This architecture ensured zero dependencies on the local network or IT staff present at each of the powerplant locations, as they were all managed centrally.
4 Rivers has looked into the possibility of further building upon this solution and introducing Okta, eliminating the need to log into a VPN to access PAM. “We will try to integrate Okta into the network of powerplants by combining it with One Identity, such that users can log in through the active directory credentials and connect to the PAM solution in a more comfortable way. One Identity has a very nice and user-friendly web interface, which allows each of the users to access their relevant network or asset with ease,” explains Belau.

Rising to the Occasion

The after-effects of the COVID-19 pandemic has shortened the financial runway for small and medium-sized businesses; in these trying times, the excellence showcased by solution providers such as One Identity and Okta is noteworthy. Evidently, in the face of such economic turmoil, spending a considerable amount of capital on large-scale access management projects could damage the sustainability prospect of these companies, particularly when most of the workforce continues to operate from home and would not be able to address such implementation needs immediately. Belau says that such expenditure could easily be avoided without tinkering with shell scripts to gain access to servers that are scattered across remote data centres. The managing director firmly believes that all of these business prerequisites can be addressed in a realistic timeframe within an economical budget, effectively dodging the resource-intensive implementation durations. More importantly, hosting these access management solutions on AWS or similar enterprise platforms could quickly burn a hole in the pockets of small businesses, in addition to burdening them with the complex licensing model. Without the right approach to access management or an effective hosting solution, provisioning access management could do more harm than good.

“One Identity has a very nice and user-friendly web interface, which allows each of the users to access their relevant network or asset with ease”

4 Rivers is well-poised to suffice such needs, as they understand these small and medium-sized businesses’ requirements firsthand. As a local business operating from Germany, 4 Rivers ensures that its clients maximize the value of IAM and PAM solutions out of the box. However, the company does not shy away from exploring uncharted territories, and the managing director says that geographical expansion is just a few hires away. Regardless of the future holds, 4 Rivers continues to address requirements for small and medium-sized businesses that larger organizations would not necessarily comprehend. It checks all the right boxes for clients, without financial exuberance or excessively complex solution sets.

In conclusive words, Belau sheds light on the company’s unique value proposition: “Our main differentiator is our approach to deliver value to our customers. We call it the ‘Model T approach’, after a famous one-liner attributed to Henry Ford: you can get any color you want as long as it’s black.”
- Aaron Pierce
    December 09, 2020
Share this Article:
4 Rivers

Company
4 Rivers

Headquarters
Germany

Management
Johann Belau, Managing Director

Description
4 Rivers connects the user logs with Okta to conduct such accessibility sessions through PAM, thereby targeting the required asset without the aforementioned hassles of navigation. 4 Rivers circumvents quite such IAM and PAM hurdles, allowing customers to carry out a multitude of business operations, or orchestrate transition processes such as acquisitions or consolidation of data-driven assets across different locations or networks. The company’s functional capabilities ensure that customers need not implement a PAM or IAM solution across each network node or area distributed over multiple regions. Instead, 4 Rivers enables users to centralize PAM or IAM solutions in a defined data centre and interconnect distributed networks and assets through VPNs using Okta Identity Cloud. Collectively, 4 Rivers provides the full range of One Identity’s PAM suite of services—Safeguard—encompassing processes such as planning, proof of concept, installation, upgrades, and migration as well as a care-free managed services