Identity Resilience Explained: 6 Frequently Asked Questions from Our Product Professionals

As Identity Resilience gains momentum as a priority initiative for cybersecurity professionals, certain tools, like MightyID’s identity security solution, are relatively unknown. Executives and tech leaders are often surprised and excited to see the advancements that have been made in protecting IAM systems in the event of an emergency or error.  

After performing hundreds of implementations, free trials, and proof-of-concept exercises, our technical team has worked through a myriad of scenarios and challenges brought by MightyIDs clients. Despite the extreme need for identity resilience solutions, even the most technical professionals are still learning of the options at their disposal.

We’ve sat down with our technical team to help answer some of the common questions around MightyID – how it works, and how it helps critical business functions running in the event of a disaster.  

Question: What Identity Providers does MightyID support?

Answer: Currently, MightyID supports Okta WIC, Okta CIC (formerly Auth0), and Microsoft EntraID (formerly Microsoft AzureAD). Our product roadmap includes the addition of new IdPs every six months.

‍

Question: We know the backups are fast, but how fast are they, really?

Answer: Obviously there are always factors that influence exact timing, but on average, a backup takes roughly 1 hour to complete 300,000 objects. An object can be either a user, group, application, policy, or association (i.e. the relationship of a user and their group assignment).  

For example, if we are backing up 10 users who are each assigned to 1 group, we are backing up 21 objects. 10 users + 1 group + 10 user/group associations = 21 objects.

‍

Question: What does MightyID back up from an application perspective?

Answer: MightyID backs up and restores through the API. So, from an application perspective, some of the items MightyID is backing up include logos, notes, and the visibility.

‍

Question: Data privacy is non-negotiable. What do you do with KMS?

Answer: MightyID allows you to enter your KMS. So, MightyID just gives you a place to store the data (our AWS tenants) and we do not have access to any of your data.

‍

Question: What are the options for MFA that MightyID provides for sign-in to the platform?

Answer: Currently, MightyID supports authenticator apps such as Okta Verify, Auth0 Guardian, Google Auth, etc. But if there is another form of MFA that is necessary (for example, Yubikey), our team works with you to implement the solution your team requires.  

‍

Question: How can I see what data is in the backup as opposed to my tenant to compare?

Answer: MightyID displays everything included in each backup. Users can then choose the level of granularity required for a restore by selecting the desired objects from the backup. You will be able to compare the backup side-by-side with the existing data.

Below are some additional common questions we receive on a regular basis. Reach out to your rep at sales@mightyid.com to get answers to these and more!

• How does MightyID anonymize personal data?
• Can I store backups in my AWS tenant?
• What is the user experience like during an Okta to Microsoft EntraID (a.k.a. Azure AD) migration?
• How does MightyID help in my SOC 2 compliance efforts? HIPAA? ISO 27001?

‍