By Vince Lujan Posted September 25, 2019
A key area of on-prem identity and access management systems – namely Microsoft Active Directory® – has been Windows desktop authentication. In the rush to shift Identity and Access Management (IAM) to the cloud, a critical feature that IDaaS systems have missed is the ability to authenticate Windows, Mac, and Linux systems. Now, the cloud IAM feature for desktop authentication is giving IT organizations the ability to centrally manage all of their identities in the cloud.
Overview of IAM
The IAM market has been interesting over the last two decades. Desktop and server authentication was a critical component of first-generation directory services systems in the PC era, such as Active Directory and OpenLDAP. AD ensured that IT admins could control who could log in to which desktops, laptops, and servers. Of course, one of the benefits of the domain controller was its ability to also log users in to other IT resources, including the network, Windows file servers, applications, and more.
Active Directory became the dominant identity provider in the industry. As a result, other IAM vendors built on top of it. With web applications emerging as a big part of what users needed to do their jobs, web application Single Sign-On (SSO) providers started to provide their solutions on top of AD. Of course, they didn’t need to worry about desktop authentication, because they were focused on web applications. As these solutions moved to the cloud, they continued to integrate and focus on Active Directory as the core identity provider.
The process of authenticating systems became a lot more difficult when desktops started to shift from Windows to Mac and Linux systems and the data center infrastructure moved to AWS. Active Directory wasn’t as simple for other platforms or those located elsewhere. So, the concept of including desktop authentication in a cloud IAM platform was a critical step.
IAM in The Cloud – Desktop Authentication
This step has only been taken recently with the advent of Directory-as-a-Service®. This cloud IAM platform securely manages and connects user identities to the IT resources that those users need, including systems (Windows, Mac, Linux), cloud and on-prem servers (e.g. AWS, Google Cloud, Azure), web or on-prem applications via LDAP or SAML, and wired or WiFi networks through RADIUS. The idea is for this modern IDaaS solution to replace Active Directory and create a virtual identity provider that isn’t tied to a particular platform, provider, protocol, or location. That’s a significant step up for IT admins and end users alike.
The cloud IAM feature for desktop authentication is a core part of the cloud identity management solution. IT admins can leverage one identity for their desktop auth as well as web applications or cloud servers. IT organizations also don’t need to worry about whether the desktop or laptop platform is Windows, Mac, or Linux.
If you would like to learn more about the cloud IAM feature for desktop authentication, drop us a note. Or, feel free to sign up for our cloud identity provider and check out how you can manage your Windows, Mac, and Linux users. Your first 10 users are free forever.