What Should IT Be Able To Provision Access To?

By Rajat Bhargava Posted August 1, 2016

A lot has changed for IT in the last decade.

The Cloud has been leveraged. WiFi has become omnipresent. Desktops have been replaced with laptops, Macbooks, tablets, and smartphones. And don’t get us started on all the new apps… and social networks… and apps for managing social networks.

The list of different resources that IT is expected to (and required) to manage user access to has expanded at an incredible rate. Here’s your guide to what resources IT should be able to provision access to today.

Wide Range of Devices

hi res logos

IT has been provisioning access to Windows devices for a long time now. But Apple and Linux machines have been gaining ground year after year. A 2014 survey of IT professionals found that over 90% of businesses use Apple products (JAMF).

Enterprise Mac Management is no longer something that IT departments can safely avoid. But that’s not stopping it from happening. It simply isn’t secure and it isn’t efficient to ignore.

Infrastructure-as-a-Service (IaaS)

AWS

“93 percent of organizations surveyed are running applications or experimenting with infrastructure-as-a-service.”

– RightScale, 2015

From Virtual Machines (VMs) hosted internally to Amazon Web Services (AWS), Infrastructure-as-a-Service has become a huge part of the way get business gets done in the modern enterprise. AWS is leading the charge as the most popular IaaS, but there is no shortage of big players in this arena, from Google to Rackspace, Digital Ocean, and IBM.

Internal Apps

If you thought that the migration to the cloud meant that companies would exclusively use third-party, SaaS-based apps, then you thought wrong. In fact, “68 percent of enterprises run less than a fifth of their application portfolio in the cloud” [RightScale, 2015].

Developed in-house and stored on-premises, internal apps are generally customized to fit the unique needs of each business. This can sometimes make them tricky to manage for IT, but that doesn’t mean that you get a free pass on provisioning access.

Third Party Apps (SaaS)

3378793

The number of SaaS-based apps increases year after year at businesses around the world. The trend may have started with Salesforce, but now includes other big players, such as Google Apps and Microsoft Office 365, competing for space in the office workflow.

SaaS-based apps have become such a huge part of the way work gets done that they’ve become impossible for IT to ignore. Ideally, your directory service is able to authenticate access to these apps so that onboarding and offboarding users doesn’t become an all-consuming process.

WiFi

In a way, things were simpler before WiFi became the de facto standard. Sure, every work station had to be plugged in in order to access the Internet, but at least that way IT was able to track exactly who was online – and it certainly couldn’t be somebody parked in their car outside on the sidewalk, hacking onto the network with nefarious intent.

2000px-Wi-Fi_Logo.svg

Today, if you want totally secure, centralized control over every user logging on to your WiFi network, the best way to achieve it is through RADIUS-as-a-Service (also known as Virtual RADIUS).

How is it Possible to Manage all of these?

In a perfect world, every user would have one identity / set of credentials that would be able to access all of these resources.

In reality, at most offices, the number of identities has just kept going up. This is called Identity Sprawl and it’s part of the reason why we at JumpCloud say that IT is in the middle of an “Identity Crisis”.

But don’t throw in the towel yet. The cloud has put IT in this mess, but the cloud can also get IT out of it.

Provisioning Access to IT Resources Effectively

Ultimately, the directory service is at the root of identity and access management. In order to provision access to all the resources in use at companies today, you need a directory service that can communicate in a wide variety of protocols, that works well with Windows, Mac OS X, and Linux devices, and that is natively designed to integrate with cloud infrastructure. This is called a cloud directory, virtual directory service, or Directory-as-a-Service® (DaaS).

Take a look at the diagram below that lays out JumpCloud’s Directory-as-a-Service® offering:

daas-landscape

As you can see, the cloud-based directory service touches on all the resources we mentioned above that IT needs to be able to manage, provision, and de-provision access to, including IaaS, Google Apps and Office 365, WiFi, and Windows, Mac OS X, and Linux devices.

At the center is JumpCloud’s centralized user management console, which provides complete control over user access control from the admin’s browser.

If you want to make identity management and access provisioning a breeze across all of your IT infrastructure, then you can give our virtual directory service a try for free right here. If you have more detailed questions about exactly what JumpCloud’s Identity-as-a-Service is capable of, we encourage you to contact us directly.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts