By Natalie Bluhm Posted September 6, 2017
Historically, authenticating to an IT resource took place on that particular resource. Then the concept of directory services emerged, which centralized authentication. For a long time, this was done on-prem. Now the concept of hosted authentication services is moving to the cloud.
But first, let’s take a look at what authentication used to be.
LDAP and Microsoft Streamlined Authentication
The introduction of LDAP kicked off the era of identity management and authentication services. The concept was to have a lightweight method to check if a user should be able to access a particular resource – system, application, file, network, etc. The LDAP protocol standardized that communication path.
Microsoft took that to a new level with the introduction of Active Directory. They also added another authentication protocol with Kerberos. Now there were multiple ways that Windows resources could talk to the core directory service. User authentication was a smooth, secure and controlled process, as long as IT infrastructure remained on-prem and homogeneous.
Then Along Came the Cloud
Technology had other plans. A series of major innovations has disrupted the IT landscape, one after the next. The world has moved to the cloud, web-based applications, and non-Windows computer platforms. The end result was that users had to connect to a wider range of IT resources, which spurred the development of a number of new authentication protocols including SAML, OAuth, OpenID, and many more.
Legacy directory services couldn’t handle all of the different types of authentication processes that needed to happen. For some organizations, this has resulted in unmanaged resources in their environment, which creates a lack of control over user authentication. A lack of visibility into user authentication makes it difficult to ensure users are using proper authentication methods, and if you’re having trouble managing user authentication, chances are you’re lacking centralized control over your users’ identities in general.
The Solution: A Hosted Authentication Platform
A modern approach to directory services called Directory-as-a-Service (DaaS) has emerged as a hosted authentication platform. By leveraging a wide range of protocols, our virtual identity provider connects users to the IT resources they need including systems (system agent), applications (LDAP and SAML), files, and networks (RADIUS). The benefit to IT is that one identity can be used across the entire IT infrastructure.
If you’re interested in learning more about our architecture and protocols, consider watching this webinar where Greg Keller, our CPO, breaks down how our protocols work to centralize identity management in your environment.
For an in-depth example of how some of our customers are optimizing their authentication process, we encourage you to read how Tamr has streamlined user access to 300 AWS servers.
You can also learn more about our hosted authentication platform by dropping us a note. Additionally, you’re invited to start testing our modern directory service by signing up for a free account. Your first ten users are free forever.