By Rajat Bhargava Posted December 15, 2015
Centralizing identities within an organization has been a pipe dream for quite some time. With so many different types of IT resources to manage, IT has struggled, and understandably so, with having a single identity for each individual that grants access to whatever resources he or she needs, from laptops to web applications. Add cloud-based services like Salesforce or Google Apps into the mix, and centralizing identities becomes a nightmare for IT.
Disparate Identities Create Avoidable Security Risks
Disparate identities are a significant risk for a company. Effectively, they mean that IT has multiple mini directories to manage. Each IT resource may need a separate set of logins. Because of that, IT loses control over managing the resources and spends more time trying to regain that control, mostly through culture, protocols, and best practices that are impossible to enforce.
Worst of all, disparate identities are a security risk. Each additional identity is another one that can be compromised. What’s more, IT needs to be aware of all of the different devices and applications in use, which in the era of shadow IT is an uphill battle.
The Change in Centralizing Identities Because of the Cloud
Historically, it was easier to centralize identities when the network was homogeneous. Prior to the turn of the century, most networks were entirely Windows. That made it much easier for IT to leverage Microsoft Active Directory to manage user credentials. Users would simply have one identity that would log them into the network, their device, and Windows-based applications. Since there wasn’t too much outside of the internal network, IT had central control. They could activate and deactivate users as necessary and grant access to resources as required.
Over the last decade, however, that ability to centralize identities has dramatically changed. The cloud has created significant new challenges that are only now being solved. Google Apps changed the dynamic for corporate email and productivity applications. Amazon Web Services moved the data center outside of the once-standard network perimeter, if you can even call it that now. Users nowadays leverage more SaaS-based applications than ever before, and devices aren’t all issued by the company. How does IT create central control for this new era of disparate IT resources?
The problem with central control is corporate directory services. Microsoft Active Directory and OpenLDAP have served as directory services for the last two decades. Unfortunately, they were both created in an era when everything that needed to be managed was behind the firewall. That is, of course, no longer the case. Because of that, those solutions have struggled to adapt, and, as a result, a new wave of innovative solutions is centralizing corporate identities.
Directory-as-a-Service Enables Central User Identities
Directory-as-a-Service, for example, connects users to a variety of IT resources, including devices, applications, and networks, regardless of location or type of service (on-premises or in the cloud). That flexibility enables IT organizations to have one core and central user identity for whatever they need to access. And for companies, that means increased security, control, and management of resource access and user identities.
If you would like to learn more about how IT organizations are leveraging Directory-as-a-Service to have one identity to rule them all, drop us a note. We’d be happy to walk you through how our platform works. Or see for yourself by signing up for a free account.