The process for controlling user access to a company’s resources has changed with the evolution of the Internet and introduction of more cloud-based services. Not only do employees access an organization’s IT infrastructure, but third party contractors, vendors, and temporary workers also require access.
The Modern Company: Hiring the Best Talent
An organization’s structure is no longer simple since it’s employees aren’t required to be on-premise to access the resources they need to do their jobs. This way of working complicates personnel strategy, since companies now also leverage contractors and vendors from around the world. On the upside: Today’s global economy allows organizations to find and hire the best talent. But the modern company structure also creates an IT challenge.
The Challenge: Securely Controlling User Access
In today’s global world, IT organizations must securely control access to their internal resources, which include devices, applications, data, and even the network itself. IT admins first need to determine the best way to provide the appropriate levels of access to employees, contractors and vendors, without compromising security. Over the last few years, a number of major security breaches have occurred due to improper third-party access controls.. The most significant security breach was the Target breach. A third party was compromised and so was their access into Target’s network, resulting in millions of credit cards being stolen.
The Old Way: Keeping Everything On-Premise
In the past, most companies used Microsoft® Active Directory® and OpenLDAP™, two one-premise software solutions that serve as directories. These directory services fundamentally controlled user access. IT admins would populate the directories with the users within the organization and set their access rights. As a result, those user stores controlled who had access to what devices, applications, and networks. Yet, some IT admins using AD or OpenLDAP are reluctant to put temporary or part-time workers into their core directory service solution, because there is often concerns about co-mingling users, inadvertently providing higher levels of access, and compliance issues. As a result, third parties, like contractors and vendors, and their access rights are often not managed well.
The New Solution: Leveraging Directory-as-a-Service
The past is the past for a reason, especially in technology. Old ways of working are outdated and limiting. Nowadays, IT admins can leverage a better solution: JumpCloud® Directory-as-a-Service® (DaaS). Directory-as-a-Service is a centralized cloud-based directory service that will connect users to a variety of devices, applications, and networks. This solution works for modern, global companies, because third parties are managed inside of DaaS and connected, depending on IT protocols, to the on-premises directory service or kept completely separate. Users are placed into the directory database and then added to the IT resources that they need to access. Because access is easy to grant and terminate, third parties can be given only the access they need, even if it’s only for a few hours. The advantages of Directory-as-a-Service include the ability to easily manage third parties outside of the organization’s network, the ability to manage access cross-platform, and the integration with cloud infrastructure and services.
Controlling contractor and vendor access to your IT resources doesn’t need to be time consuming, difficult, or risky. By finding the right platform – Directory-as-a-Service – IT admins can generate the productivity gains they need while also keeping the network secure. Drop us a note to learn more about Directory-as-a-Service, or give JumpCloud a try for yourself. The first 10 users are free forever.