By Zach DeMeyer Posted August 24, 2018
If web application single sign-on (SSO) solutions—also known as Identity-as-a-Service platforms—are so popular, why is an alternative even necessary? It’s a great question, but the intent of the question is much broader for most IT admins. An alternative to an Identity-as-a-Service solution is really more about creating an integrated approach to identity management rather than just an alternative to web app SSO.
The Way it Was
Before we can address modern identity management, let’s dive into the way it was done in the past. Traditionally, IT organizations leveraged an on-prem identity provider (IdP), such as Microsoft® Active Directory® (AD), to act as the arbiter of user identities. With an IT market dominated by Windows®-based tools, identity management was relatively simple, given that AD could control Windows environments with ease.
The IT landscape has shifted dramatically over the last decade. The rapid advance of innovation in the market is causing IT admins to struggle with their approach to identity management and security. Namely, applications that used to be on-prem have shifted to the cloud. The on-prem AD was not suited to tackle the job all alone. That’s when/why IDaaS hit the scene. If you consider AD to be like a flat tire, usable but not ideal, then IDaaS/SSO solutions act as a sort of patch. Piling SSO tools on Active Directory could essentially patch the holes left by web apps.
That architecture, unfortunately, just isn’t enough in a constantly changing IT world. With cloud servers from AWS®, Mac® and Linux® machines, WiFi security, and more, even with IDaaS tools attached, AD just cannot cut the mustard of the modern era. Due to these shortcomings of the AD+SSO architecture, considering an alternative to Identity-as-a-Service is starting to make a lot more sense.
The Rubber Hits the Road
As any smart car owner knows, you can’t responsibly drive around with a patched up tire. It’s just not safe; you need to get a new tire. IT admins continue to consider their next generation identity management approach, and as they do, it seems like admins don’t want to keep patching; they want a new tire.
Their thought process is to shift their IT management tools infrastructure to the cloud while finding a solution that can integrate a wide range of capabilities. For many organizations, this thought process is a tough ask. How can you wrap up all the functionalities of AD and IDaaS into one solution?
Alternative to Identity-as-a-Service: Directory-as-a-Service®
Well, a modern IDaaS implementation isn’t just web app SSO, but rather a complete identity provider. This IdP should be capable of connecting user identities to systems (Windows, Linux, Mac), web and on-prem applications via LDAP and SAML, cloud and physical file servers (e.g. NAS appliances, Samba file servers, Box™, etc.), and wired and WiFi networks through RADIUS. While it seems like quite the laundry list of functionalities, this identity provider is no pipe dream. Better yet, it’s available to the IT world.
It’s called JumpCloud® Directory-as-a-Service®, and it’s a reimagination of the legacy Active Directory for the cloud era. With JumpCloud, identities can be managed regardless of location, platform, protocol, or provider. Add to that a True Single Sign-on™ experience with LDAP, SAML, and RADIUS-as-a-Service, as well as multi-factor authentication (MFA) and SSH key management for identity security, and you’ve got a cloud directory service for the modern era.
Contact our expert support team to learn more about how JumpCloud Directory-as-a-Service just may be the alternative to Identity-as-a-Service that your organization is looking for. You can also check out our YouTube channel for videos on the subject, or even demo JumpCloud to see it for yourself. If Directory-as-a-Service seems like the identity provider solution for you, consider signing up for JumpCloud. Not only is signing up free and doesn’t require a credit card, but it comes with your first ten users absolutely free.