In Blog, Directory-as-a-Service (DaaS), Identity and Access Management (IAM)

pablo (5)

Today’s identity and access management landscape is more complex than ever. Yet there are some simple approaches that can make a dramatic difference for IT organizations.

A federated identity service that’s cloud based could solve many issues for cloud-forward organizations. Today’s modern business is leveraging a wide variety of IT resources. Long gone are the days of IT controlling what systems and applications users will leverage.

The consumerization of IT is spawning a new generation of IT solutions – those that enable end users, yet give IT organizations the control that they need. Identity management solutions are at the core of solving that problem.

Dialing Back In Time

computer-storage-timeline

In the early 2000s, organizations were largely based on Microsoft Windows, and everything was hosted inside of the organization’s firewall. IT organizations went to great lengths to ensure standardization and conformity with the guidelines of the organization. A homogenous infrastructure was easier to manage and cheaper to administer. End users also experienced a more agreeable environment. They simply needed to log in to their machine to gain access to any appropriate resources on the network. It was really a True Single Sign-Onexperience.

Crossed Wires and The Advent Of The Cloud

As the cloud emerged and infrastructure and applications made their way to it, IT’s standards and guidelines were turned upside down.

Individual contributors were purchasing SaaS-based applications to help them do their jobs. They were often purchasing them on their credit card and expensing them. Corporate data was leaving the four virtual walls of the organization.

As Apple Macs and Linux machines started to become more popular, employees started using those machines as their work machines. Windows started to become less popular. Today only one out of five devices is Windows.

AWSIT organizations started to leverage AWS to lighten their infrastructure load. Over the course of time, they started to shift their infrastructure to the cloud, too. All of these moving parts created a challenge: how to securely connect their users to all of these various IT resources.

The on-premises directory service – generally Microsoft Active Directory – wasn’t set up for this environment. It assumed that everything a user needed to connect to was Windows and on-prem. So, IT started acquiring more solutions to help plug holes. A web single sign-on solution was used for the SaaS-based applications. AWS servers would be managed by Chef or Puppet. Mac and Linux machines would get a directory extension solution.

The simple identity provider approach was now a mess of identity management technologies all plugging one hole from the previous solution.

Make The Connection With Federated Identity Service

IT organizations needed a major innovation. It came by way of a federated identity service that integrated all of these various modern IT components so that one set of credentials could access them. It ensures that users can gain access to what they need while IT maintains control.

A central user management system adds, deletes, and modifies user access from one web-based console. Systems, such as Windows, Mac, and Linux platforms, whether hosted locally or in the cloud are managed from the identity service. Cloud and on-prem applications – leveraging LDAP or SAML – are also included in the cloud-based directory service. Google Apps can be integrated as well. Integrated RADIUS support ensures that the WiFi network is secure. Instead of IT organizations layering multiple identity management solutions, a single Identity-as-a-Service platform can solve their needs.

Below you’ll see a diagram of JumpCloud’s Directory-as-a-Service®:

daas-landscape-federated identity

If you would like to learn more about how Directory-as-a-Service can be your federated identity management service, drop us a note. We’d be happy to discuss it with you. Or, feel free to give JumpCloud’s Directory-as-a-Service a try for yourself.

Recent Posts