By Rajat Bhargava Posted May 4, 2017
The identity and access management (IAM) market is shifting to the cloud. What used to be delivered on-prem for a variety of reasons is now starting to move to the cloud. As a result, a new category of solutions is emerging, called cloud IAM. This market is a new take on identity management in enterprises, and it is intersecting with the many changes in the IT landscape. One particular area that is adding a great deal of value to IT organizations: the cloud IAM feature cloud RADIUS.
The Identity Management Market
The identity management market really started to emerge in the late 1990s and early 2000s. In the 1990s, our advisor, Tim Howes, and his colleagues created the LDAP authentication protocol, and subsequently OpenLDAP™ and Microsoft Active Directory® entered the market as directory services. Microsoft’s AD quickly became the most dominant platform in the market. Because of this, IT organizations were able to start to control user access as well as Windows devices. Of course, the goal of AD was to give IT more control over Windows networks, and to more deeply lock in customers to the Windows platform.
This approach worked well, and the IAM market was dominated by Active Directory. There were smaller categories that began to emerge such as web application single sign-on, but none were as significant or as large as the directory services category. But, because Microsoft owned that market, nobody challenged their position.
RADIUS is Introduced
In parallel, organizations were implementing more complex networks. These networks were being driven by major network providers such as Cisco, Juniper, and others. While network and IT admins were building these networks, they also leveraged a protocol called RADIUS to help them manage it. RADIUS was a core authentication service that had been adopted by the networking industry. It could integrate with Active Directory, but only with significant work and effort on the part of IT. Because of this significant work load, most organizations would run separate authentication platforms with AD and RADIUS.
As WiFi became more popular, RADIUS was a convenient protocol that could be leveraged to control who could access networks. WiFi networks are inherently insecure because their signal is broadcast over an area and is hard to control. By adding RADIUS to the mix, IT admins can lock down their wireless access to only those that should have access. Generally that is determined by integrating the RADIUS solution with the directory service. While valuable, this too has many moving parts and integrations.
The innovation in cloud IAM is the integration of the RADIUS infrastructure to the directory service. With a RADIUS-as-a-Service infrastructure included with the cloud directory, there is little work for the IT admin. The wireless access points (WAPs) are pointed to the cloud RADIUS service. Then, because the cloud RADIUS service has already been integrated with the core directory service in the cloud, there is no work or moving parts for IT to take care of. Simply add your users and federate them to the RADIUS servers, and you can now control who accesses the network and who doesn’t. This cloud IAM feature for cloud RADIUS is an easy way to increase the value of cloud identity management within the enterprise.
If you would like to learn more about how the cloud IAM feature cloud RADIUS is being used in organizations around the world, drop us a note. We’d be happy to walk you through how and why it can make a big difference to the security of your organization without a great deal of heavy lifting. Also, feel free to sign-up for a free JumpCloud IDaaS account and check out the virtual RADIUS functionality for yourself. Your first 10 users are free forever.