Cloud Identity Bridge as-a-Service

Written by Natalie Bluhm on September 12, 2017


The concept of a cloud identity bridge is changing the identity and access management (IAM) world, especially for organizations that still want to keep one foot on-prem while gaining control over their cloud-based apps and infrastructure. Like many categories within the IAM space, the cloud identity bridge is being offered as a SaaS-based service. So what does a cloud identity bridge as a service mean for IAM?

To answer that question, let’s take a look at how the IAM industry has evolved over time.

The Evolution of IAM


As most people in IT know, LDAP started the modern era of identity management in the early ’90s, and then Microsoft Active Directory® took on the mantle a few years later. Microsoft was able to establish quite the empire with Active Directory because, at this time, IT environments consisted mostly of Windows systems and on-prem networks, applications, and data centers.

Within this ecosystem, Active Directory was excellent, and a lot of that had to do with the domain controller. On-prem resources within an IT environment were bound to the domain controller, and this created a central point for authenticating to on-prem resources. This made it possible for users to log in to their Windows system with one set of credentials and easily gain access to their apps, networks, files, and servers. All the while, IT was able to have excellent control over their users, systems, and other IT resources.

Changes to the Core IT Landscape Altered IAM


But, as the core IT landscape started to change, the IAM space started to shift as well. Many of the changes in the core IT landscape included shifting away from Microsoft resources. Users started using Mac and Linux systems, web-based apps like G Suite, and cloud-based servers hosted by AWS. Microsoft wanted to hang on to their monopoly, so they made it difficult to integrate these new resources with Active Directory.

However, these new resources have spurred a new category of identity management called cloud identity and access management that has started to chip away at Microsoft’s grasp on IT organizations. It has also become apparent that a new IAM category needed to be created. With Microsoft Active Directory as the most dominant identity provider, there needed to be a bridge from the on-prem AD server to non-Windows IT resources.

Introducing Cloud Identity Bridge-as-a-Service

So, the cloud identity bridge category was born. As an AD extension, cloud identity bridge as-a-service connects AD identities to cloud servers (e.g. AWS, GCP), web and on-prem applications (via SAML and LDAP), cloud productivity/directory platforms like O365 and G Suite, physical and virtual data storage, and WiFi networks via RADIUS. The good news is that the cloud identity bridge is being delivered as a SaaS-based service, which means that IT admins don’t need to deal with the hassle of installing hardware, procuring software, configuring systems, and maintaining them. They can quickly and easily extend AD credentials to non-Windows resources without additional infrastructure. And IT organizations only pay for what they use.

So, how quick is it to set up cloud identity bridge as-a-service? First, a lightweight agent is installed on all of the domain controllers that are part of the IT environment. Then, IT selects the users and groups that need to access resources like Linux servers, a Mac system, or cloud infrastructure in AWS. Once users and groups are identified, a JumpCloud group is created within the Active Directory console. As users and groups are added to the security group, those identities are federated to the cloud directory service via the cloud identity bridge. From there, IT has the pleasure of taking advantage of our multi-protocol approach and easily connecting users to the resources they need access to.

Learn more about Cloud Identity Bridge-as-a-Service

For a more in-depth explanation of implementing the cloud identity bridge, consider watching this tutorial video, which can also be found below. You can also find more information about our virtual identity bridge by signing up for a free demo or dropping us a note. If you’re interested in trying out cloud identity bridge as a service, sign up for a free account. Your first ten users are free forever.

Natalie Bluhm

Natalie is a writer for JumpCloud, an Identity and Access Management solution designed for the cloud era. Natalie graduated with a degree in professional and technical writing, and she loves learning about cloud infrastructure, identity security, and IT protocols.
