By Rajat Bhargava Posted January 22, 2015
As JumpCloud® has engaged in the directory services market through our Directory-as-a-Service® solution, we are keenly aware and interested in the broader market landscape, commonly referred to as Identity and Access Management (IAM) or Identity Management by analyst firms. Interestingly enough though, the market hasn’t historically been talking about the directory as being a part of that landscape. Industry folks are almost always talking about “above the directory layer.” Our sense is that this is likely because the identity provider role has been locked up by Microsoft’s Active Directory® and OpenLDAP™ for the past 20 years. At JumpCloud, we think that this “industry lock up” is a historical vestige that is about to change, but it is interesting to review how our team at JumpCloud views the identity management market.
JumpCloud’s perspective of the IAM landscape:
Here is how each category relates to the directory services space. We’ll start with the base of the whole identity and access management market — the user directory — and then work our way up the pyramid to the MFA category.
- Directory – The directory is the core user store. Generally, directories have leveraged LDAP as their protocol and are located on-premise. JumpCloud is aiming to change that with the introduction of a cloud-based directory.
- Directory Extension – Over the last decade, directory extension was the main category in IAM. Because Microsoft owned the directory services space, other companies opted to extend that directory to Linux devices, Macs, and mobile devices.
- Single Sign-On (SSO) – SSO is one of the “hotter” topics in the IAM landscape. With massive adoption of web-based services for corporate applications—e.g. Salesforce, Box, Workday, etc.—having a single username/password combo or a button to push to access all corporate IT resources is a true benefit to IT admins. It both cuts down on their level of effort to provision and manage users and their applications, and increases security. SSO, which is offered as a software solution and cloud-based solution, provides employees with a better, more productive experience.
- Privileged Account Management – Privileged account management refers to controlling access to privileged accounts. This relates to access control for servers, databases, switches, routers, and other critical infrastructure components. These solutions provide an alternative to less granular administrator access, such as sudo, and also provide detailed auditing and reporting. The key theme of these solutions is providing the least amount of privileges to a user to accomplish their jobs.
- Password managers – Not all analysts will consider password managers as part of the identity and access management world since they are largely end user focused, but the password managers are clearly another way for organizations to control and share access. They are also another way that employees can secure their access to various sites and systems (i.e. an alternative to SSO).
- Multi-factor Authentication – Multi-factor authentication is already a very significant segment because of incumbents. It is now growing dramatically for two reasons: one, you don’t need a token anymore because a smartphone serves that purpose; and, two, organizations are attaching multi-factor access to a much wider part of their IT infrastructure, including more devices and applications.
- Governance – Governance refers to the identity and access management solutions aimed at tracking and auditing access. For some organizations, compliance is critical and legally required, thus ensuring that the right people are accessing the right systems and doing the right things on them is critical.
As you can see, the identity management market is complex with a number of sub-categories. Identity access management solutions are a core part of IT infrastructure. As modern organizations move towards more complex hybrid environments (i.e. some cloud and some on-premise), the identity and access control market will continue to innovate.
Learn More About Identity and Access Management
We’d love to hear your feedback on our breakdown of the identity and access management market, and what you think we can adjust. If you’d like to learn more, check out this post where we look at some of the players in each sector.