Authorization for Global Scale Services
A company hits performance limits of their legacy authorization server.
A global-range cosmetics company has launched digital services for their products. This step is in line with latest trends in the sector. The services get popular quickly and the company experiences scalability challenges. One of the key challenges are not services themselves but the authorization and enforcement scalability.
The company launches mobile applications and aggressively encourage their customers to register. This move brings a spectacular success.
The applications are used on a daily basis by their customers to get advice and reminders, track their activities in the services and learn about new products and special offers. Such a customer behavior and application usage pattern results in a high services load on a daily basis. More importantly though, it leads to a peak load each time a new product is launched.
Regular service overloads resulting in a bad user experience make the company investigate the cause of the problem and troubleshoot it.
The company goes serverless with key services, which puts an end to the scalability problem during load fluctuations and optimizes costs with the pay-per-use model. Still, the bottleneck is with authorization and enforcement, which do not scale with services.
The cause is twofold: the authorization model itself and the software incapable to scale and support any other authorization model.
The company needs a rapid model improvement and a modern software that addresses the challenges with minimal changes in the current service architecture.
The company recognizes Cloudentity’s ACP performance benchmarks, scalability, serverless support, and the easy of the authorization model integration.
The company takes the following actions:
- Installs ACP next to their existing authorization server that augmented their security infrastructure thanks to leveraging bring-your-own-identity model,
- Eliminates major bottlenecks by changing the authorization model to the centralized access control management and the distributed enforcement,
- Leverages Cloudentity’s support for serverless access enforcement with MicroPerimeter™ sidecar to protect their services and scale along with them,
- Eliminates performance limitations of their legacy authorization system,
- Uses rich authorization policies and authorization server settings to effectively protect resources appropriately to the use case.
The company eliminates performance bottlenecks without replacing their current infrastructure.
Peak loads do not cause the authorization system overload anymore. Tools for the scalability and serverless protection offered by Cloudentity are hardly available on the market from anyone else.
The company can define access control rules to protect resources effectively and get the user consent for third-party applications.