Centralized Password Management With DaaS

By Vince Lujan Posted July 23, 2017

Centralized Password Management

Centralized password management refers to the ability to manage user passwords from a centralized location within a network. A key advantage is that a centralized password can be leveraged for access to a wide variety of compatible IT resources. In an age when 85% of enterprises utilize multiple cloud-delivered services, according to RightScale’s 2017 State of the Cloud Study, centralized password management has never been more important.

This blog post defines centralized password management and why it is critical for your organization’s IT security.

Password proliferation

password management cloud

Taking a holistic view, passwords, as they relate to identity and access management (IAM), refer to a digital key typically used to verify a user identity. Modern passwords come in all shapes and sizes (e.g. text, certificates, biometrics, etc.). However, text based passwords or phrases are by far the most common. Regardless of the method, the core concept is simply to authenticate and authorize an individual user identity and to protect important data, applications, or networks.

This is simple enough when you only have to manage one identity — you either have the password or you don’t. However, things get complicated very quickly when you have to manage access to a large number of IT resources, each requiring unique user credentials. This has been the case for most cloud-forward organizations that leverage multiple SaaS applications and other cloud services day-to-day. Without centralized password management, most end users get around this by sharing easy to remember credentials across various resources (to the admin’s lament). However, implementation of a centralized password manager offers a much more convenient and secure solution.

SSO vs. Centralized Password Management

jumpcloud true single sign-on

Web application single sign-on (SSO) providers thrive in the IAM space by providing users with cloud based password storage to web applications. The advantage is that users no longer have to memorize various passwords for access to their web applications and they can manage passwords from one location.

However, first generation SSO solutions of this type have two significant challenges. The first is that they are aimed at SSO into web applications and not a user’s entire suite of IT resources. The second issue is that these IDaaS platforms are not the authoritative source of identities and still require an external directory service to authenticate and authorize user identities.  

Next generation cloud identity management solutions such as Directory-as-a-Service are integrating the concept of directory services and True Single Sign-On™ to consolidate access to virtually all of a user’s IT resources including systems, applications, data, and networks.

jumpcloud learn more demo

Directory-as-a-Service® enables administrators to manually set or change user passwords as well as configure password settings like minimum length, case sensitivity, and special characters. JumpCloud admins can also configure parameters regarding password history, expiration, and lockout after a set number of failed login attempts. The benefit for administrators is the added security and peace of mind from knowing all user passwords meet their standards. The benefit for users is that they only require one password to gain access to all of the digital assets they need to succeed and can utilize our self serve process for changing or resetting passwords at any time.

Directory-as-a-Service also provides administrators with the option to enable Multi-factor Authentication (MFA). MFA can work with any smartphone that supports TOTP, and can be configured at the system level, the application level, or both. System level MFA requires users enter an MFA code at startup. Application level MFA requires users enter an MFA code upon requesting access to specific applications. The benefit is having additional layers of security to protect your network and IT resources.

Sign up with JumpCloud today to see how Directory-as-a-Service can secure your organization with centralized password management. Your first ten users are free forever! You can also contact a member of our team for any product related questions or check out our solutions page for common use cases.

Sources:

Weins, Kim. “Cloud Computing Trends: 2017 State of the Cloud Survey.” Cloud Management Blog. RightScale, 15 Feb. 2017. Web. 17 July 2017. < http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2017-state-cloud-survey >.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.

Recent Posts