By Rajat Bhargava Posted February 3, 2017
Cloud IAM solutions are taking the identity and access management market by storm. Over the past several years, there has been an explosion of solutions claiming to be cloud IAM. Of course, each solution has its own take on what cloud IAM is and what it means. While we aren’t here to tell you what cloud identity management means to your organization, there are a number of things that you should consider.
Understanding the IAM Market
Historically, identity and access management has been the overarching term that analysts and pundits have used to describe the market. This was an important approach because of how the market evolved.
The market had originally been just directory services – mainly Microsoft Active Directory or OpenLDAP. Identity management equaled AD for a number of years.
Then the world of IT started to evolve. Vendors started to create more platforms that sat on top of AD. The AD credentials would be federated to privileged identity management solutions and web application single sign-on platforms. Multi-factor authentication emerged, as did identity governance categories. Soon enough, an ecosystem called IAM materialized beyond Active Directory.
Changes Necessitate a New Direction
As the world now shifts to modern IT infrastructure, that same ecosystem is being shifted to the cloud. However, the new challenge is that Active Directory is no longer the centerpiece of directory services that it once was. This is being driven by how IT networks are evolving.
Today’s IT landscape is far different from what it was even a decade ago. Heterogeneous environments are the norm. macOS and Linux devices are often more popular than Windows devices. Cloud servers are replacing on-prem data centers, and web applications are being leveraged by the entire organization. Instead of wired networks where the domain controller ruled the network login, WiFi is the norm.
All of these changes are driving the need for a new type of directory service or cloud IAM solution.
What is Cloud IAM?
Unfortunately, there is a great deal of confusion about what cloud IAM means. Many on-prem solutions have been “cloud-washed” to make them appear to be from the cloud or for the cloud.
Today, IT admins can see three major categories of cloud IAM solutions:
Web Application Single Sign-On
Perhaps the first category to refer to itself as cloud IAM or IDaaS (Identity-as-a-Service) is web app SSO. These solutions are aimed at organizations leveraging web applications that want to federate access from their directory service to web applications.
Platform-Specific User Management
Many platform providers (AWS, Azure, Google, and others) have built their own user management systems and often called them cloud IAM. This is a stretch of the term. But as IT admins know, part of the struggle is to cut through the noise.
These solutions are largely closed-wall user management systems. For example, they will provision and deprovision users on their own platform but will not interoperate with other platforms or on-prem IT systems, applications, or networks.
Cloud Directory (Directory-as-a-Service®)
The broadest solution of the three is Directory-as-a-Service. This platform securely manages and connects employee identities to the IT resources they need, including systems (Windows, macOS, and Linux), applications (cloud or on-prem), and networks. The solution is provider, platform, protocol, and location independent and functions as the core cloud identity provider for an organization.
Identity and Access Management on the Cloud
Cloud IAM can be a confusing term. If you would like to learn more about the market and what cloud identity management might mean to your organization, drop us a note. Also, give our IDaaS platform a try for yourself. Finally, please be aware that your first 10 users are free forever.