By Jon Griffin Posted July 17, 2017
When IT networks were simpler, single sign-on to just about all of a user’s IT resources was much easier to achieve. Most users were only dealing with Microsoft Windows-based environments, so it was easier to make everything work. Now, in a world where the IT landscape has evolved and expanded with each passing year, the concept of single sign-on has changed dramatically too. Fortunately, True Single Sign-On, a function of a new generation of cloud identity management, is changing the game and simplifying SSO once again.
The Original SSO
Microsoft introduced Microsoft Active Directory® to simplify the concept of managing and provisioning user access to Windows-based IT resources. As networks shifted to the client-server and Internet eras, Microsoft dominated the landscape. Windows was the operating system of choice, Windows servers were used extensively, and Windows-based applications dominated. This made the landscape ripe for Microsoft to introduce a central user management platform. Providing IT with another critical management tool increased Microsoft’s dominance and ability to lock in customers.
The end user experience was critical. A user could simply log on to their device when connected to the internal network, and user authentication would flow through the on-prem Active Directory. This would then authorize access to whatever IT resources the end user was entitled to. IT simply had to manage user access in one place, and the user only needed to log in one time. This could be called the original single sign-on.
The Ever-Changing IT Landscape
As the IT landscape shifted, so did the definition of single sign-on. Very quickly, as IT organizations shifted their applications to the cloud and started to use Mac or Linux devices, the ability to achieve single sign-on using the original method began to disintegrate. A user could log in to their device, but that would not necessarily log them into their other resources that were non-Windows based (web applications, Linux-based applications, Mac laptops, Linux servers, etc.). Microsoft failed to adapt to this change, and the result was that the first generation of IDaaS (Identity-as-a-Service) providers emerged to provide web application SSO. This wave of SSO providers is still what many people think of when they refer to SSO, but it’s important to know that it really doesn’t provide SSO to everything, just to web apps.
The Future of Identity Management
As the world continued to shift away from Windows and into the cloud, a new generation of identity and access management solutions emerged. Cloud identity management began to appear, and one of the key solutions in that category, Directory-as-a-Service®, delivered True Single Sign-On. This next-generation cloud identity management solution integrated one set of secure credentials to access systems (Windows, Mac, Linux), cloud servers (AWS, Google Cloud, Azure, etc.), on-prem and web applications, and wired and WiFi networks. These solutions address the changes in the IT landscape and allow single sign-on to return to the level of ease found with the original iteration of SSO.
Learn More About True Single Sign-On
If you would like to learn more about the cloud identity management function True Single Sign-On delivered by Directory-as-a-Service, drop us a note. Or, feel free to sign up for our IDaaS platform to see the cloud-based directory for yourself. Your first 10 users are free forever, with no credit card required.