Migrate SSO for employee Web Access Management based applications
Implementation Effort: High - Customer IT teams need to execute migration projects involving multiple application owners and technical stakeholders.
User Impact: High - Employees must be informed and possibly retrained due to user experience changes post-migration.
Overview
Migrating Single Sign-On (SSO) for Web Access Management (WAM)-based applications involves shifting authentication from legacy on-premises solutions, such as Oracle Access Manager or CA SiteMinder, to Microsoft Entra ID. This migration centralizes user identity management and improves security by leveraging Entra's Conditional Access policies. It aligns closely with the Zero Trust principle "Verify explicitly," because authentication in Entra ID uses continuous verification of user identity, device health, and location data. It also supports "Use least privilege access," enabling risk-based, adaptive policy controls. Not completing this migration maintains reliance on outdated systems that lack modern security features, increasing vulnerability to identity-based attacks by threat actors, as legacy systems rarely adapt to real-time risks and breaches.
Web Access Management (WAM) is a specialized identity management system designed to control and secure access to web-based resources and applications.