By Ryan Squires Posted September 10, 2018
With so many acronyms and terms flung around the world of IT at any given time, it remains difficult to stay abreast of all the new ways people are talking about varying IT concepts. Of course, whenever there are competing companies, different terms will mean different things to different organizations. That’s the way it goes. So, that’s why we’re here to set the record straight about the definition of unified access management.
Microsoft and Unified Access Management
In order to get a grip on the origin of the term unified access management, we need to talk about the IT environment during the early to mid-2000s. During this time, Microsoft® was able to position their identity provider (IdP) solution, Active Directory (AD), as the de facto directory services platform for enterprises. Part of the reason for their dominance stemmed from the fact that virtually every system and application a user leveraged (for example Word® and Exchange®) was Windows®-based. It just made sense for IT to utilize Microsoft tools in their workplaces. But this methodology tied user identities to AD, which would spell trouble for IT admins later down the line.
Soon, web apps like Salesforce® and Google Apps™ (now known as G Suite™) began to storm into the workplace. These apps weren’t installed on systems via CD-ROM discs like Windows-based applications from Microsoft. No, these apps were accessed through a web browser. Because they were delivered via a browser, web apps from Dropbox™ to Slack were platform-agnostic, which meant they were not Windows-based and, by extension, outside the control of AD. Suddenly, AD had resources it could not control, and vendors lined up to deliver solutions to federate AD credentials to web applications and restore order to the IT environment. But other disruptions such as Mac® and Linux® systems, WiFi, and cloud infrastructure (AWS®, GCP™, Azure®) arrived to further complicate the meaning of unified access management.
SSO is not Unified Access Management
Vendors created single sign-on (SSO) solutions to help fill in the rapidly expanding gap between on-prem Windows identities, systems, and infrastructure and what users were now using with increased frequency: web apps. So, that’s where first-generation IDaaS companies came in. The solution they built layered SSO on top of the on-prem AD implementation. The user could leverage their credentials to gain access to the system, wired network, and web apps, but it created more work for IT admins, who now had additional software to deploy. People started to use the term unified access management as a result of this melding of AD and web apps. Obviously, with just Windows and web apps covered, it does seem to be a stretch to say ‘unified’.
So, even though web applications were quickly growing in popularity due to cost savings and ease of use, SSO solutions were still tied to the on-prem AD implementation. As the IT environment moved out of the 2000s and into modern times, on-prem implementations started to make less sense with each web application, WiFi network, cloud infrastructure service, or cloud-based file server (Box™, Dropbox®) an organization began to utilize.
Directory Services and Unified Access Management
Some organizations didn’t leverage AD or directory services at all because their tools were in the cloud or they were on non-Windows platforms. How does unified access management apply to an organization such as this? The truth is, the core identity store of all types of organizations with their varying use cases has shifted such that some companies have an aging on-prem identity store and others have nothing at all. So, we here at JumpCloud® created a service that can supply the core identity to organizations of all types and federate them to nearly any resource an IT organization may leverage. This is how you get to true unified access management, and we call it True Single Sign-On™.
True Single Sign-On allows users to access any resource they may have within their organization’s network or remotely with a single set of credentials. That means that WiFi networks via RADIUS, legacy LDAP applications, file servers on-prem and off, cloud infrastructure (AWS®, GCP™, and Azure®) as well as the systems themselves (including both Mac and Linux in addition to Windows) all authenticate and authorize via one centralized authority. IT admins no longer need to tack cumbersome add-ons to AD, because everything is built into our Directory-as-a-Service platform.
Learn More About JumpCloud and True SSO
If you want to learn more about the true definition of unified access management, please feel free to drop us a line. If you’re ready to get your hands dirty and start managing disparate users, systems, and resources, sign up for a free account today. It’s good for 10 users, and it will be forever.