Cloud-based directory services streamline IT operations without the costs or maintenance required to administer on-premises services like Active Directory®.
Selecting the right directory solution is particularly critical now, as we navigate challenging economic conditions and changing attitudes about traditional in-office work. To help you and your organization make an informed decision about your directory service, we’ve compiled this guide to examine the economic impacts and costs associated with cloud directory services. Real data makes it easier to decide how to invest your organization’s time and money.
IT Leaders Use Data to Make Better Decisions
When it comes to an IT decision as important as core infrastructure, it’s critical to build a case with data. That case needs to include the challenges ahead and why those are important to the organization — as well as the projected economic impact of the decision. Said another way, sum up why a cloud directory service is important to the organization’s future.
A cloud-based directory service is designed to manage remote users and access control, federate core user identities to all their IT resources, configure and secure users’ workstations and laptops, and monitor authentications and other directory events.
Note: For more detailed analysis, drop us a note. We’re happy to share our Directory-as-a-Service ROI calculators and associated documentation.
Return on Investment (ROI) of Cloud-Based Directory Services
Cloud-based directory services have four positive economic effects for organizations:
1. Increase End User Productivity
Many end users now work remotely, and their IT resources are scattered between on-prem and cloud platforms. Users spend significant amounts of time getting access to the tools they need and keeping that access, including remembering and updating passwords across resources. However, with a cloud-based directory service, users need to remember only one set of core credentials, which grants them access to virtually all IT resources.
A cloud-based directory service synchronizes with major operating systems and services that require a directory, such as G Suite™ and Microsoft 365™. It also federates core identities to other IT resources via a suite of protocols including LDAP, RADIUS, SAML, and SCIM. Then, users log into their macOS®, Windows®, and Linux® workstations, email, single sign-on (SSO) portfolios, and more with the same set of credentials.
Impact: Users are more productive because they need to remember only one set of secure credentials to access their IT resources.
2. Reduce Password Tickets & Manual IT Tasks
Tasks like password resets or account activations cut into the time better spent on more strategic tasks. Historically, IT was saddled with such repetitive tasks, but that’s not the case with a cloud-based directory service.
Because users have to remember only one set of core credentials, they’re less likely to submit support tickets or encounter access issues. You can also enable users to change their passwords directly on their workstations without a VPN and ensure those changes are written back to the core user store and reflected in all connected IT resources. These workflows become increasingly important as the number of technology solutions in an organization grows.
Impact: Centralize user management and offload manual IT work, preserving time for higher-value IT projects.
3. Reduce On-Premises Infrastructure
Historically, organizations hosted their directory services solutions — like AD and OpenLDAP — on-prem. Those solutions required servers, software, network equipment, and ongoing maintenance and management. They also required supplemental tools to connect users to emerging IT resources, like web applications and non-Windows operating systems, and to implement multi-factor authentication (MFA) and audit logging.
Cloud-based directory services embrace all major operating systems and a wide array of IT resources without supplemental tools or on-prem infrastructure. Comprehensive access control and device management originates from one platform, without the need to maintain or manage servers.
Impact: Reduce costs with a SaaS directory solution by shifting the infrastructure costs and maintenance to the provider, as well as reducing the number of IT solutions needed to manage access control and devices.
4. Prevent Security Breaches
With a cloud-based identity management system, IT administrators centrally manage user accounts for all different types of infrastructure, as well as configure and secure user workstations. This includes organizational password requirements, such as length and complexity. This also includes the tools necessary to require MFA at high-value access points and manage SSH keys.
From a central point of command, admins then immediately revoke access across an environment if credentials are compromised or a user leaves the organization.
Impact: Control and secure user access to critical resources including on-prem and cloud infrastructure, legacy and web apps, networks, and workstations. Reduce the risk of a security breach and quickly revoke access everywhere in the event credentials are compromised.
Costs of Cloud-Based Directory Services
The four items listed above are areas in which an organization can generate a positive return on investment. However, for that return, two cost centers are critical.
1. Licensing Costs
SaaS-based platforms are licensed through a subscription model. The pricing varies based on billing cycle (annual or monthly), the number of users, and the feature set.
Ideally, a cloud-based directory solution offers features à la carte or bundled, depending on an organization’s needs. There’s no need to account separately for costs such as infrastructure, backup, and security. This alternative is a transition to a OpEx model.
Cost: A SaaS directory requires a monthly or annual subscription, but the costs are more predictable than with traditional directory services.
2. Internal Management
Any new IT solution requires human involvement, including cloud-based directory services. If AD is already in place, implementing a cloud-directory service requires integration of the two services and a migration of user accounts. Alternately, in the absence of a directory, there’s a need for new accounts for users and new connections with IT resources.
However, once the solution is in place, operational tasks are simplified, including user onboarding, and password management tasks are shifted to users. These platforms also integrate with a wider range of IT resources, which results in a reduction in the number of management tools needed.
Cost: Setup requires involvement from internal IT staff, but results in streamlined IT processes after implementation.
Assessing the Value of Cloud-Based Directory Services
With a cloud-based directory service, there’s a return on investment as operations become more efficient and automated.
JumpCloud® Directory-as-a-Service® represents one option for a centralized access control and device management platform in the cloud. From JumpCloud, admins manage users and connect them to their requisite IT resources, as well as manage their workstations with GPO-like Policies, custom commands, and Apple® MDM, no matter where they’re located.
To learn more about JumpCloud’s potential return on investment, read our case study with real estate firm Chase International and its IT manager, Justin Price, who found an all-in-one identity and access management (IAM) solution in JumpCloud at a critical time for the organization.