Desktop Authentication

By Rajat Bhargava Posted May 15, 2017


With the move to the cloud, and a number of web single sign-on platforms getting a great deal of attention, it’s easy to understand why desktop authentication isn’t “sexy” anymore. In many organizations, it actually seems like a forgotten activity. IT organizations are often prioritizing Identity-as-a-Service (IDaaS) over directory services, which end up being the control point for desktop authorization.

If we step back and look at history, it’s a little easier to understand where the market is headed.

Authentication through Active Directory®


Back when the client / server era was in full swing and the Internet was emerging as a major, transformational platform, Microsoft brilliantly introduced an identity management solution called Active Directory. AD would go on to be the monopoly in the Identity and Access Management (IAM) space and virtually rule the desktop authentication category.

This directory, though innovative at the time, wasn’t that hard of a problem for Microsoft to solve, as most IT networks were homogeneous Windows-based environments. Controlling the desktop environment was fairly straightforward for IT admins in this era.

The result was that Active Directory became entrenched in IT environments, both small and large. In fact, nobody in the identity management space even thought much about desktop authentication or directory services due to how established AD was. However, that all changed when the Internet really began to take off.

More and more organizations began leveraging cloud software and infrastructure. Everybody’s attention turned external, away from on-premise infrastructure. IT admins were still using Active Directory, but they began looking to single sign-on solutions to solve arising access and authentication needs. Their core directory services were still taken care of by AD, but they needed to build on top of it in order to manage their cloud-based resources. Initially, most IT departments addressed this by supplementing the on-prem identity provider with a first generation IDaaS solution.

Managing Windows, Mac, and Linux

While IT and DevOps engineers were focused externally on the cloud, there was a transformation going on internally too. Windows machines were being replaced by Mac and Linux devices. In fact, Microsoft Windows went from being 9 out of 10 devices used to being one out of five (Forbes.com). That’s a massive change. End users were switching to platforms that were easier for them, and BYOD programs were letting them do it. What used to be simple control over desktop authentication with Windows started to become a complex task with a variety of operating systems.

As IT admins know, Microsoft optimized Active Directory to work with Windows. So, all of the new BYOD Mac and Linux machines were considered second-class citizens. This left a large portion of the users unmanaged, and as a result not secured. Having computers with unmanaged entrances to your enterprise’s network is a serious risk. Desktop security is as critical as ever. It is the conduit to an organization’s digital assets, whether they are on-prem or in the cloud. Securing and controlling that platform is vital to ensuring company information is not accessed by the wrong people.

Directory-as-a-Service Works Across Major Systems


With the massive changes in the IT landscape, a new generation of cloud identity management platform needed to emerge to solve the issue of cross-platform desktop authorization. To solve this issue, Directory-as-a-Service® (DaaS) stepped up. DaaS securely manages and controls user access to IT systems, applications, and networks. With one unified cloud directory service, IT organizations can control desktop authentication to Windows, Mac, and Linux devices. IT can, with the same cloud identity provider, support LDAP authentication, cloud RADIUS, system management on all three platforms, multi-factor authentication, single sign-on to web and on-prem applications, and more. Directory-as-a-Service is the modern adaptation of LDAP and Active Directory for the cloud era.

Desktop Authentication in a Mixed Platform Environment

If you would like to learn more about desktop authentication in a mixed platform environment, drop us a note. Alternatively, sign up for a free modern IDaaS account, and give the cloud directory a try for yourself. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.
