How Capital One Put Identity in the Cloud

As the world moves increasingly online, organizations must grapple with the fact that their identity systems have to keep up with growth in users, applications, and data. To remain competitive, having the latest identity capabilities is non negotiable.

Capital One realized its customers and employees required a more secure and seamless experience that would only come with a fully integrated identity solution. They also wanted to take advantage of the scalability and flexibility of the cloud. But they also needed the reliability and customization benefits that’s usually only found in on-premises software.

When it comes to choosing where to deploy an identity system, let’s do a quick refresh. There are several deployment options to consider: Identity-as-a-Service (IDaaS) and on-premises software, as well as a combination of both in an advanced hybrid solution.

IDaaS is a cloud identity technology that doesn't require any infrastructure or ongoing maintenance, thereby making it easier to implement, while on-premises software allows you greater freedom in terms of customization and is an excellent choice for businesses looking for maximum uptime and control.

Sometimes, though, pure IDaaS options may need to be supplemented with on-premises solutions, for example, due to regulatory and compliance standards or uptime requirements, especially for large organizations that still rely heavily on legacy systems. Equally, if the goal is to simplify application and user management, then companies may need to extend their on-premises software with cloud deployments to gain greater agility and automation.

It's critical for companies to therefore pick a solution that allows them to integrate these deployment choices to achieve the most effective fit for your company architecture. You should be able to transfer between models and control where your identity is deployed, which is exactly what Capital One did when they migrated their Ping Identity infrastructure to Amazon Web Services (AWS).

Capital One was already a Ping customer when they decided to move their identity infrastructure to the cloud. The bank had multiple instances of Ping Identity software across various regional data centers. They initially tried to migrate this software to the cloud with Amazon Web Services (AWS), but the process was too long and cumbersome. They needed an easier, more automated way of making scalable changes.

Capital One quickly settled on cloud containerization to simplify the migration. Containers would also enable the bank to quickly spin up or shut down instances of Ping software to match demand and keep costs under control. This approach resulted in impressive operational improvements. Notably, the development team became able to respond to the business quicker than ever before by enabling self-service application onboarding and management and eliminating repetitive, manual tasks.

Crucially, Capital One’s development team was able to achieve this without sacrificing control or uptime. Compared to traditional deployments, they can easily bring resources online or offline with greater speed and precision. If they notice an issue, they can fix it and push a new version into production while sticking to their uptime goals. And they can manage all their environments from a single point of control, which has improved efficiency and freed them up to tackle more strategic work.

To get all the details on how the Capital One team successfully and securely shifted their Ping Identity infrastructure to the cloud, watch our webinar: “Capital One’s Cloud Security Journey with Ping Identity on AWS.”

The value of moving workloads to the cloud makes IDaaS the obvious solution for most small and medium-sized businesses. But large enterprises don’t want to sacrifice the control and customization benefits of software, nor do they want to disrupt business continuity during a migration.

At Ping, we recognize our clients’ long-term cloud vision and their diverse requirements. That’s why we provide different cloud deployment options to suit each organization’s unique needs. The PingOne Cloud Platform is a single, unified identity platform that adapts to the reality of hybrid, multi-cloud deployments for large organizations.

For example, we offer PingOne Advanced Services, which provide the maximum level of customization, together with all the advantages of a cloud deployment. Meanwhile, for simpler use cases, PingOne for Workforce and PingOne for Customers provide integrated identity capabilities and tools to help you orchestrate seamless, identity-aware digital experiences for employees, partners, and customers.

Capital One is a great example of how hybrid, multi-cloud IT can be successful. As one of the largest banks in the world, it has a complex infrastructure that needs to support many users. Through the bank’s partnership with Ping, it successfully moved to AWS while maintaining ultimate control of its identity infrastructure. Watch our webinar replay if you're interested in learning more about this process. You'll hear from the Capital One team about their journey and get tips on making the switch yourself.