Cloud-private IGA for regulated teams: what changes in practice?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 4368
Topic starter  

TL;DR: Omada Identity Cloud Private places the full platform inside a customer-owned Microsoft Azure tenant, giving regulated organisations and public-sector teams a cloud deployment model that preserves tenant boundaries, keeps identity data in a chosen environment, and retains the SaaS release cadence, according to Omada Identity. The governance shift is real: cloud velocity no longer requires the same tenant-sharing compromise.

NHIMG editorial — what this means for NHI practitioners

Questions worth separating out

Q: How should regulated teams evaluate cloud-private identity governance platforms?

A: Start with tenancy, evidence, and operational ownership.

Q: Why does tenant ownership matter for NHI governance?

A: Tenant ownership matters because NHI records, secrets, and lifecycle evidence often need the same audit boundaries as human identity data.

Q: What is the difference between private IGA deployment and on-premises identity governance?

A: Private IGA in a customer cloud tenant keeps cloud operating patterns while preserving a controlled boundary, whereas on-premises deployment places the full stack inside customer-managed infrastructure.

Practitioner guidance

  • Validate tenant ownership and boundary controls: Confirm who administers the Azure environment, who controls logging and retention, and where identity data and workflow artifacts are stored.
  • Map regulatory requirements to deployment topology: Translate DORA, NIS2, FINMA, or similar obligations into concrete requirements for residency, audit evidence, and operational separation.
  • Test release parity and change management: Check whether the private deployment follows the same release cadence as the SaaS service and how emergency fixes are applied.

Regulated programs should align this choice with NIST Cybersecurity Framework 2.0 governance and protection functions, then validate the evidence trail before rollout.

👉 Read Omada Identity's overview of Cloud Private identity governance →

(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 2799
 

Private cloud tenancy is becoming a governance requirement, not a packaging preference. Regulated buyers are increasingly evaluating identity platforms on whether cloud delivery preserves tenant ownership, auditability, and data locality. That is especially true when identity governance now includes non-human identities, which can carry the same evidentiary and residency expectations as human identities. The market signal is clear: procurement is shifting from feature comparison to control-plane placement, and practitioners should demand that distinction up front.

A few things that frame the scale:

  • 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
  • Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.

A question worth separating out:

Q: When does a cloud identity platform create more governance risk than it reduces?

A: Risk rises when the platform is cloud-hosted but the team cannot explain tenancy, data residency, release drift, or operational ownership. In that case, the tool may improve workflow efficiency while weakening auditability. Governance fails when cloud convenience hides control ambiguity.

👉 Read our full editorial: Cloud-private IGA changes the governance trade-off for regulated identity
