By Greg Keller Posted May 12, 2017
With a wider range of desktop and laptop platforms in use now, it is interesting to think about how those systems will be managed. Traditionally, Microsoft Active Directory® owned the process of enabling and removing user access to desktop systems. With Windows no longer the dominant platform it once was, IT admins are wondering what the future of desktop authentication will look like.
The Foundation of Desktop Authentication
If we go back to the 1990s, we can start to understand how we got to where we are today. The client/server era was in full swing, and the Internet was starting to emerge. Our advisor, Tim Howes, and his colleagues created the LDAP protocol, arguably the foundation from which modern identity management was born. Microsoft followed with their Active Directory solution in 1999. AD would go on to be the monopoly in the space.
Microsoft’s dominance made a great deal of sense. The IT environment at that time was virtually all Windows-based and on-prem. Microsoft also did a number of brilliant things with their domain controller solution. A user would only need to log in once to their desktop or laptop, and they would then gain access to the applications and files that they needed. Today, we might refer to that as True Single Sign-On™, but at the time, because everything was Windows and the software was installed on the machines, it was expected.
The Windows monopoly begat Active Directory. Then, Active Directory helped maintain the Windows monopoly. Microsoft understood that the easier they made it to manage Windows machines and users, the more likely it was that IT would demand that the entire team use Windows devices and applications. The “lock in” strategy worked, and Microsoft was incredibly dominant for a long time.
The Current IT Landscape
Then, as always, things in the IT industry started to change. With a company as dominant as Microsoft, the only forces that can make an impact are massive trends. The cloud was one trend that hit Microsoft hard. AWS, Google Apps, and other cloud infrastructure and applications started to shift the way that end users worked. The interface wasn’t necessarily Windows any more; it was the browser – and multiple popular browsers existed.
The other major trend was mixed platforms. It started with the resurgence of Apple with their mobile devices, and ultimately extended to the Mac, which became one of the most popular computers on the planet. But it didn’t stop there. Linux, which started making inroads in the late 1990s and early 2000s, exploded once Infrastructure-as-a-Service (IaaS) providers such as AWS, IBM SoftLayer, Rackspace, and others emerged. Windows was no longer the dominant platform.
The result was that the IT environment was mixed with Windows, Mac, and Linux systems. Desktop authentication in this landscape was different. Active Directory, which worked really well with Windows, struggled in a mixed-platform world. Additionally, AD is an on-prem application built into Windows Server. IT admins are shifting their infrastructure to the cloud and not relying on Windows platforms.
New Requirements in Desktop Authentication
The future of desktop authentication isn’t going to be a single-vendor, on-prem solution. IT admins want flexibility and agility. A cloud identity management solution is what the future of desktop authorization looks like. The platform – called Directory-as-a-Service® (DaaS) – will authenticate with a wide variety of platforms (Windows, Mac, Linux), providers (AWS, G Suite, Office 365, etc.), protocols (LDAP, RADIUS, SAML, SSH, and others), and locations (on-prem, cloud, remote, hybrid). Because the platform is delivered from the cloud, it needs no maintenance or upkeep from IT. Think of the cloud directory as the reimagination of Active Directory for the modern cloud era.
Desktop Authentication Going Forward
If you would like to talk more about the future of desktop authentication, drop us a note. Alternatively, sign up for a free Directory-as-a-Service account and check out how a virtual identity provider can work for you. Your first 10 users are free forever.