The Cloud is here to stay. Ever since Amazon introduced the Elastic Compute Cloud in 2006, more and more IT can be obtained as a service. This allows organizations to label IT as ‘not my core business’ without entering into tedious IT-sourcing constructions. No wonder that phrases such as ‘Cloud, unless…’ are increasingly common in many IT strategies. But what can the Cloud offer for Identity Driven Security solutions? Some solutions already offer many features. CloudServices for Access Control (authentication, federation, etc.) have a rather solid track record. Gartner even produced its ‘own’ Magic Quadrant for it. And naturally, the area of Cloud Security makes use of CloudServices as well. What about Identity & Access Governance (IAG)? This topic strikes the hard reality of On-Premise legacy applications, valuable custom applications and deep-rooted systems that aim to support the business processes. In addition, IAG often requires customer-specific implementations to support existing business processes. This raises the question whether you are willing to adjust your business processes. In past years, we as Grabowsky were able to help many customers with IAG. At first sight, Cloud may seem a bridge too far for Privileged Account Management (PAM) solutions. Storing the ‘keys to the kingdom’ on an infrastructure that is owned by a third party still makes many CISOs shiver. Yet this area is also quickly developing towards an accessible, fully secure and well-functioning functionality. CloudServices themselves are also being further developed. The monolithic solution in the Cloud is slowly transforming into the more versatile Microservices. This allows you to obtain two-factor authentication from service provider A and a workflow from service provider B. The use of standard connectors and APIs add a whole new dimension to these services in the Cloud. Although traditional On-Premise legacy applications can be integrated with the new Cloud Microservices, they still have its own share of challenges. For example, it is increasingly challenging for organizations to recruit and bind specialists, to bridge the gap between needs for improvement that arise from daily operations and the features that complex solutions offer. And that challenge conceals another one, which is the need to reduce the complexity that, despite all the best intentions, has been implemented over the years. How do we choose the best path forward with all these trends and challenges? The answer is not only in the choice for a specific technology. What fits your organization best? Although clear-cut answers are not always available, we can conceive of the following forms: On-Premises: there is and will always be a demand for On-Premise solutions, for example for organizations that are part of the vital infrastructure. Managed Service: organizations that have invested in On-Premise solutions over the years wish to be unburdened. This is also an obvious path for organizations that cannot or do not want to change their business processes. Hybrid: situations that combine On-Premise solutions with (parts of) a Cloud Solutions to create a migration scenario that allows you to use your own strategy in switching to the Cloud, or not. Cloud: organizations that start from a greenfield can launch a Cloud Solution and grow along with the trends. The objective is always supporting the business processes as efficiently as possible. As far as we are concerned, proven architecture principles and an actively involved organization are the keys to success. In the area of Identity Driven Security, Grabowsky is focused on preventive measures with IT solutions at its core. We will gladly advise you on mitigating demonstrable risks and threats and put you on the right path for achieving your objectives. For now and in the future. Always from the perspective of the bigger picture.