Historically the identity provider in an organization has been hosted on-premises. Also known as the directory service, the solution was housed behind locked doors within the organization’s physical space for security reasons and also in order to better connect users to on-premises IT resources. With the emergence of the cloud, many IT organizations are starting to leverage hosted identity providers as a means to connect users while also maintaining security within the overall organization.
What’s at Stake
The identity provider is a core application for IT. Arguably, it is more important than almost any other IT component other than the network itself. The directory service securely connects users to all of the IT resources they will need to access. The IT resources within the organization could include systems such as Linux, Mac, and Windows devices. Making the situation more complex is the fact that users are connected to the cloud and the on-premises applications that they need as well. Additionally, some identity providers are required to assist in integrating user access to the WiFi network.
The Way it Was: Microsoft AD or OpenLDAP
In the early 2000s the concept of an identity provider was fairly straight forward. The choice of solutions available were effectively limited to Microsoft Active Directory or the open source, OpenLDAP. Both solutions were hosted on-premises and were largely limited to connecting users to the IT solutions that were located on-premises as well. In the case of Microsoft AD, it was leveraged for networks that were almost entirely Microsoft Windows based. OpenLDAP, on the other hand, was more focused on Linux-based environments. As IT networks began to evolve and became more heterogeneous, combining Windows, Mac, and Linux systems, challenges began to emerge for the core identity provider platform.
Moving to the Cloud
Over the past few years, IT resources such as systems and applications were being, with greater frequency, moved to the cloud. At the same time, the IT environment was moving to mixed OS landscape where Macs and Linux devices were becoming more prevalent. The emergence of Amazon Web Services (AWS) changed the way a lot of organizations were handling these challenges and, what were formerly on-premises data centers, started moving to the cloud. Instead of these organizations leveraging essentially out-dated on-premises applications, many of them started to make the shift to the cloud. All of these fundamental changes to the IT network have put tremendous pressure on the legacy identity providers.
What’s Next: DaaS
As a result, a new category of hosted identity providers called Directory-as-a-Service® platforms have emerged to solve the issue of connecting users toIT resources in world that is becoming more and more focused on the cloud. Also known as Identity-as-a-Service, these are delivered as solutions to the IT organizations, eliminating the need to install, configure, and maintain the identity provider software and hardware. Further, virtual identity platforms have greatly expanded the capabilities of the directory service. Instead of the relatively narrow approach of a single platform or protocol, modern cloud directory services are multi-platform, multi-protocol solutions that can appropriate IT resources or users anywhere in the world.
If you would like to learn more about how a hosted identity provider can support your identity management plans, drop us a note. Or, feel free to sign-up for an account to see the platform for yourself.