Author: Veli-Pekka Vähälummukka, Program Director at Trivore
How many times have you wondered what happens if Microsoft Entra ID or Google Workspace decides to take a nap? Not due to a user error or a wrong password, but a situation where the entire public cloud IdP is simply out of service.
The answer is usually a silent admission: “Well, then no work gets done.”
And that is a problem.
Not because those services aren’t good—they are. But when an entire company’s IT ecosystem relies on a single identity service, you have built a modern office building where the only entrance is that one main door. And the key to that door is in someone else’s pocket.
These situations are not theoretical. Microsoft Entra ID has had several significant outages in recent years, and each time, thousands of organisations have been left waiting with their hands in their pockets. In July 2024, a faulty CrowdStrike update crashed roughly 8.5 million Windows devices globally; that was an endpoint-agent failure rather than an identity outage, but it demonstrated how dependence on a single provider can paralyse entire industries. It is not a question of if, but when.
So, What Should Be Done?
Perhaps many think we should just trust our luck and patch the fault when it arises. This is the same logic as not acquiring backup power until the data centre shuts down for the first time.
A smarter way is to build layers in advance. Yes, it means extra work and investment, but the cost of maintaining a backup system is predictable. The cost of a total outage is not, especially when you add lost working hours, the cessation of customer service, and reputational risk to the bill.
A Parallel Local Identity System
In practice, this means you do not rely solely on one cloud IdP. It is worth setting up a parallel local system that runs on your own hardware or in your own private cloud environment.
Trivore ID has been built specifically for this need. It supports OIDC and SAML protocols, so it works with your existing applications as they are. If necessary, it can act as the primary IdP if the cloud provider’s service is down. And because it runs in your own environment, the decision-making power remains with you, not in the cloud provider’s support queue.
It doesn’t have to be all-encompassing. However, you must be able to handle authentication for your most critical systems without having to call Microsoft to ask when the service will return. That also means those systems must be configured to trust the parallel IdP before the outage: registering a new identity provider in an application is itself an administrative task you may not be able to perform once logins have already stopped.
Get Your “Break-Glass” Accounts in Order
Another concrete step is having so-called “break-glass” accounts. It sounds dramatic, but in practice, it’s a simple idea: strictly controlled emergency users, with credentials stored in a physically secure location, which can access management systems even when cloud MFA is unresponsive. That only works if the accounts are genuinely excluded from the MFA and conditional-access policies that depend on the failing service, and because they bypass those controls, every sign-in on such an account should raise an alert. These are not for daily use, but in a crisis, they are more valuable than Kari Mattsson’s phone number.
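Since a break-glass account is never used in normal operation, any sign-in on one is worth an alert, and a sign-in that was stopped by an MFA challenge shows the account is not actually exempt from the policy it is meant to bypass. The following is an added example of that detection logic, not code from Trivore or from any IdP vendor; the account names, the log field names and the log lines themselves are constructed for illustration (real Entra ID or Workspace sign-in logs carry far more fields, but the check is the same).

```python
"""Flag any sign-in by a break-glass account in an IdP sign-in log.

Added example (not Trivore's or any IdP vendor's code). The log format and
the sample lines below are constructed for illustration.
"""
import json
from dataclasses import dataclass

# Assumed: the organisation keeps its emergency accounts in a short, known list.
BREAK_GLASS_ACCOUNTS = {
    "emergency-admin-1@example.com",
    "emergency-admin-2@example.com",
}

# Constructed sample sign-in log, one JSON object per line.
# "mfa": "required" means the sign-in was challenged for MFA by policy.
SAMPLE_LOG = """\
{"time": "2024-07-19T04:12:03Z", "user": "alice@example.com", "result": "success", "mfa": "satisfied", "ip": "203.0.113.7"}
{"time": "2024-07-19T04:13:44Z", "user": "Emergency-Admin-1@example.com", "result": "success", "mfa": "not_required", "ip": "198.51.100.4"}
{"time": "2024-07-19T04:14:10Z", "user": "bob@example.com", "result": "failure", "mfa": "required", "ip": "203.0.113.9"}
{"time": "2024-07-19T04:20:51Z", "user": "emergency-admin-2@example.com", "result": "failure", "mfa": "required", "ip": "192.0.2.33"}
"""


@dataclass
class Alert:
    severity: str
    user: str
    time: str
    reason: str


def detect_break_glass_use(log_text: str, accounts=BREAK_GLASS_ACCOUNTS) -> list:
    """Return one Alert per sign-in event that involves a break-glass account."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        # Compare case-insensitively: UPNs are not case-sensitive.
        user = event.get("user", "").lower()
        if user not in accounts:
            continue
        # Any use at all, successful or not, is notable for an emergency account.
        reason = f"break-glass sign-in ({event['result']}) from {event['ip']}"
        severity = "high"
        if event.get("mfa") == "required":
            # The account was challenged by the MFA policy it is supposed to be
            # exempt from; during a cloud MFA outage this is exactly how the
            # emergency account would end up locked out too.
            severity = "critical"
            reason += "; account is subject to MFA policy, exemption is missing"
        alerts.append(Alert(severity, user, event["time"], reason))
    return alerts


if __name__ == "__main__":
    for alert in detect_break_glass_use(SAMPLE_LOG):
        print(alert.severity.upper(), alert.time, alert.user, alert.reason)
```

On the constructed log this raises two alerts: a high-severity one for the successful emergency sign-in, and a critical one for the second account, which was challenged for MFA and failed. The second finding is the one you want to discover in a drill rather than during the outage.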
Standards Give You Room to Manoeuvre
If your applications correctly support OIDC or SAML protocols, you have the opportunity to change IdP providers without having to reconfigure every application from scratch. It isn’t easy, but it is possible. Without standards, you cannot change providers even in theory.
At this point, it is also worth evaluating whether your current systems support these standards sufficiently well. If they don’t, that is also good to know before the crisis, rather than after it.
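What "supporting OIDC sufficiently well" means in practice, for both the parallel-IdP section above and this one, is that the application can be told in advance to trust more than one issuer and can pick a reachable one at login time. The block below is an added example of that relying-party logic; it is not Trivore ID code and not any vendor's SDK. The issuer URLs, client ID and secrets are made up. One deliberate simplification, stated here as an assumption: tokens are signed with HS256 and a per-issuer shared secret so the example runs with the Python standard library; real OIDC ID tokens are RS256/ES256 signed and verified against each issuer's published JWKS, but the issuer selection and claim validation are identical.

```python
"""Relying party that trusts a primary cloud issuer and a local fallback issuer.

Added example, not code from Trivore ID or from any IdP vendor. Assumption:
HS256 with a shared secret per issuer stands in for the RS256/JWKS
verification a real deployment would use; names and secrets are made up.
"""
import base64
import hashlib
import hmac
import json
import time

# Constructed configuration: both issuers are registered before any outage,
# so failover needs no configuration change in the application itself.
TRUSTED_ISSUERS = {
    "https://login.cloud-idp.example": {"secret": b"cloud-secret", "priority": 0},
    "https://id.local.example": {"secret": b"local-secret", "priority": 1},
}
CLIENT_ID = "critical-app"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_token(issuer: str, subject: str, ttl: int = 300, now=None) -> str:
    """Mint an ID token the way the given issuer would (the IdP side, for the demo)."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": issuer, "sub": subject, "aud": CLIENT_ID, "iat": now, "exp": now + ttl}
    signing_input = f"{_b64url(json.dumps(header).encode())}.{_b64url(json.dumps(claims).encode())}"
    sig = hmac.new(TRUSTED_ISSUERS[issuer]["secret"], signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_token(token: str, now=None) -> dict:
    """Accept a token from any pre-registered issuer; reject everything else."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h64, c64, s64 = parts
    header = json.loads(_b64url_decode(h64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never let the token choose the algorithm
    claims = json.loads(_b64url_decode(c64))
    # The issuer claim selects which key to verify with; an unknown issuer is
    # rejected before any cryptography happens.
    issuer = TRUSTED_ISSUERS.get(claims.get("iss"))
    if issuer is None:
        raise ValueError("untrusted issuer")
    expected = hmac.new(issuer["secret"], f"{h64}.{c64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s64)):
        raise ValueError("bad signature")
    if claims.get("aud") != CLIENT_ID:
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    return claims


def token_status(token: str, now=None) -> str:
    """'ok' if the token is accepted, otherwise the rejection reason."""
    try:
        verify_token(token, now=now)
        return "ok"
    except ValueError as exc:
        return str(exc)


def choose_issuer(is_reachable) -> str:
    """Pick the highest-priority issuer whose discovery endpoint answers.

    `is_reachable` is a callable so the block runs offline; in production it
    would GET <issuer>/.well-known/openid-configuration with a short timeout.
    """
    for iss, _cfg in sorted(TRUSTED_ISSUERS.items(), key=lambda kv: kv[1]["priority"]):
        if is_reachable(iss):
            return iss
    raise RuntimeError("no identity provider reachable")


if __name__ == "__main__":
    # Simulated outage: only the local IdP answers discovery requests.
    active = choose_issuer(lambda iss: iss == "https://id.local.example")
    tok = issue_token(active, "alice")
    print("login via", active, "->", token_status(tok), verify_token(tok)["sub"])
```

Two points the code makes that the prose does not: the trust decision is driven by the token's `iss` claim against a fixed allow-list, so the fallback IdP is accepted only because it was registered beforehand; and the algorithm is pinned rather than read from the token header. An application that hard-codes a single issuer URL, or that only supports a vendor-specific login SDK, cannot do this switch, and that is the gap the evaluation above should surface.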
The Process on Paper Before it is Needed
A technical solution alone is not enough, however. You need a process—a written plan of who does what and with which credentials when the normal authentication pipelines are cut. Who takes responsibility? Who communicates to users? In what order are services restored?
Test the scenario in a closed environment before you have to learn it in production under pressure. Practice reveals gaps faster than any document.
Sovereignty Does Not Mean Isolation
Sovereignty does not mean you have to build your own cloud in a basement, disconnected from everything. It means the ability to operate when the connection to the big cloud is cut. This may only be temporary, but “temporary” doesn’t help if everything stops immediately in the first second.
So, think: which types of systems are your most critical—administrative connections to the data centre or end-user application access? That is where the prioritisation should begin.
And if that main door ever locks, it is good to know that an emergency exit already exists. And the key is in your own pocket.
Do you want to assess your organisation’s level of identity preparedness? Contact us—let’s look at the situation together.