Federated Identity Manager

By Greg Keller Posted March 24, 2016

IT organizations are presently connecting their users to more IT resources than ever before. There are devices and applications for virtually all uses. Technology is at the heart of many organizations – even ones that are producing and selling nontechnical goods and services. IT has progressed from a cost center to a strategic advantage. Organizations that can leverage their IT platforms effectively will out-innovate their competition. DevOps methodologies are enhancing that focus and giving organizations the tools that they need to succeed.

Technology and Jobs: The Unbreakable Link

Securely controlling access to IT resources is vital for any organization. Users need to be more productive than ever. Whether it be email or complex applications and processing, technology is at the center of today’s jobs. IT needs to be able to efficiently and appropriately grant, revoke, and modify access. That central control is imperative for security, compliance, and visibility. Many IT organizations manage this activity through a federated identity manager.

Not-So-Permanent Solutions

Identity management platforms are at the center of user management and access control. Historically, those solutions have lived on-premises and were either Microsoft’s Active Directory or the open source OpenLDAP solution. These directory services enabled IT to store user credentials in a database and then allowed various IT resources to validate credentials when end users requested access. The process worked well for a pre-cloud world, since most devices and applications were Microsoft Windows based and behind the firewall. An on-prem directory service could easily and appropriately connect users to their IT resources.

As the world moved to the cloud with server infrastructure and web applications hosted off-premises, the legacy on-prem user directory couldn’t keep up. As a result, different solutions were created to bolt on to the directory. Web application single sign-on solutions would grant users access to SaaS-based applications. Directory extension technology would help to connect with Mac and Linux devices. Additionally, cloud servers hosted at AWS or Google Compute Engine might be managed with a cloud-hosted LDAP or Chef and Puppet. All of these solutions started to create more challenges and moving parts for IT, resulting in user identities not easily federating to the various IT resources that they needed to access.

Enduring Platforms for Federated Identity Management

Identity-as-a-Service platforms took aim at this problem. Solutions such as Directory-as-a-Service® created an integrated True Single Sign-On™ platform. Identities could be federated to web applications, cloud servers, and a wide variety of other IT resources. On-premises devices didn’t need to be just Windows based. Mac and Linux machines were treated as first-class citizens. LDAP-based applications could be authenticated as simply as any other resource. Also, RADIUS integration helped to make the WiFi network even more secure. Instead of multiple identity and access management solutions, a cloud-based, federated identity manager could address all of the key needs of an organization leveraging the cloud.

If you would like to learn more about how Directory-as-a-Service can be your federated identity manager, drop us a note. We’d be happy to walk you through its capabilities. Or, if you would like to try it for yourself, you can do so here. Your first 10 users are free forever.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.
