By Jon Griffin Posted July 4, 2017
The identity and access management (IAM) market is in a state of flux. After almost two decades of a relatively sleepy market, the last few years have seen an explosion of innovation in the identity management world. Of course, this is driven by the fact that the IT market in general is in a massive state of change, but it is also due to demands for the security of identities. A new generation of solution called Directory-as-a-Service® is emerging, and it enables the cloud IAM feature SaaS LDAP.
LDAP was created by our advisor Tim Howes and his colleagues at the University of Michigan in the early 1990s. The advent of the Lightweight Directory Access Protocol (LDAP) gave universities and corporations the ability to create directories of users and then grant (or deny) access to other objects in the directory.
LDAP essentially marked the start of the modern identity management market. A decade later, two leading identity management solutions emerged – OpenLDAP™, the open source directory services leader, and Microsoft Active Directory®, the commercial market share leader in the IAM space.
Organizations leveraged these two solutions as their core identity management platform. At the time, most IT resources were based on Microsoft Windows and were located on-prem, so Active Directory was a logical choice. If an IT organization needed to connect users to more technical resources such as Unix/Linux systems and applications, then OpenLDAP was a viable choice. Many organizations even had both solutions – AD for their internal IAM and LDAP for their data center.
New Solutions Emerge
As the IT landscape started to change, a new generation of IT solutions started to emerge. The internal network started to shift to being less Microsoft Windows and more Mac and Linux. In fact, today, only one in five devices is Windows (Forbes). Applications started to shift from being hosted on-prem to being delivered from the web. These web applications started to leverage a wide range of protocols including LDAP and SAML. The network shifted to WiFi from being wired and the data center shifted to Infrastructure-as-a-Service providers like AWS and Google Cloud. All of these changes had a dramatic impact on what IT admins needed to do for their IAM platform.
Relying on Active Directory in a mixed platform and provider environment was making less and less sense. When you added in the challenges with hybrid situations and remote workers along with multiple protocols, the tipping point had been reached. It was time to eliminate Active Directory and the on-prem LDAP instances.
Solving the AD Problem
A new generation of cloud IAM solutions featuring SaaS LDAP emerged to solve this problem. Called Directory-as-a-Service, the cloud IAM platform securely manages and controls user access to IT resources such as systems (Windows, Mac, Linux), cloud and on-prem servers (e.g. AWS, Google Cloud, Azure), web and on-prem applications (LDAP, SAML), and wired and WiFi networks via RADIUS. This IDaaS solution becomes the unified cloud directory for an IT organization regardless of protocol, provider, platform, and location.
Specifically, IT admins and DevOps engineers no longer need to support an OpenLDAP implementation. As IT and DevOps engineers know, LDAP is painful to implement, but incredibly useful. Directory-as-a-Service shifts the heavy lifting of installation, configuration, and management of LDAP to a third-party provider. The benefits of this are tremendous, including increased security, availability, and reliability. IT admins can focus their time and attention on tasks that are more critical than managing the identity management infrastructure.
Directory-as-a-Service’s SaaS LDAP
If you are interested in learning more about the cloud IAM feature SaaS LDAP, drop us a note. Or, sign up for a free virtual identity provider account and check out our cloud LDAP capabilities. Your first 10 users are free forever.