By Rajat Bhargava Posted May 24, 2017
Cloud IAM (identity and access management) is a different animal from the traditional IAM market that has existed for about two decades now. IT organizations are demanding a different approach to identity management than before, and it isn’t just a shift to the cloud. One of the key areas where we’ll see innovation is the cloud IAM feature of user management.
Modern Identity Management
The modern era of identity management was really kicked off when Tim Howes, our advisor, and his colleagues created the LDAP protocol at the University of Michigan. That started a wave of solutions, mainly in the area of directory services. The two main solutions that emerged were the open source project OpenLDAP™ and the commercial solution Microsoft Active Directory®, both of which were created in the late 1990s. Both of these solutions quickly became mainstays with IT organizations.
As the web started to come to fruition, a new generation of solutions was introduced, one of which was single sign-on access to web applications. Additional technologies that emerged included privileged identity management, multi-factor authentication, directory extensions (to connect non-Windows IT resources to Active Directory), and auditing / governance solutions. The on-prem IAM world really centered around Active Directory as the core identity provider, and all of these emerging technologies became adjunct solutions that would help IT admins manage and control the rest of their IT environment.
Cloud Identity and Access Market Changes
This worked well under a few core assumptions:
- The core of the network is Windows-based.
- It is located on-prem.
As those assumptions started to change in the 2000s, and a new wave of IT trends started to take over, IT organizations started to struggle with their IAM strategy. Active Directory no longer managed a large part of the IT infrastructure and a number of additional solutions were required to fill those gaps and holes. Further, as the IT organization started to shift to the cloud, they were stuck with identity management being on-prem.
All of these fundamental changes in the IT industry created the need for a new generation of IAM, which we’ll call cloud IAM for lack of a better term. Some pundits call the market cloud identity management or IDaaS, and those terms are likely all acceptable given some detail and understanding of the specific topic being discussed.
In this post, the cloud IAM area that we are digging into is user management. Historically, the directory service was the primary controller of user access, but as AD managed less of the IT resources, user management became more dispersed. This meant that IT admins were on the hook to cobble together processes manually, through scripts, or with multiple tools to completely manage user access.
Modern IT admins have a different thought process. They would like one centralized cloud directory service that manages user access across a wide variety of IT resources from systems (Windows, Mac, Linux), servers (cloud or on-prem), web and on-prem applications (LDAP or SAML-based), and networks (wired or WiFi). One central place to provision, deprovision, and modify user access to virtually everything. That’s the goal for IT admins today, and why cloud IAM isn’t just a shift of the traditional IAM industry to the cloud.
A New Approach to IAM
With all of these needs, a new approach is desperately required. IT admins are looking for a cross-platform solution that supports multiple protocols and providers, and allows all of their IT resources and users to be managed regardless of their location, whether in the cloud, on-prem, or remote.
Fortunately, this new approach has arrived with JumpCloud’s Directory-as-a-Service® (DaaS) platform. This cloud-based directory meets the needs of the modern IT landscape. DaaS is the centralized cloud directory service that manages user access across IT resources, regardless of location or platform.
User Management from Cloud IAM
If you would like to learn more about the cloud IAM feature of user management, drop us a note. Alternatively, give our Directory-as-a-Service platform a try and see how it matches up to your vision of a cloud IAM solution. You can sign up for a free cloud directory account, and your first 10 users are free forever.