IAM In The Cloud

By Vince Lujan Posted May 10, 2018


Identity and access management (IAM) in the cloud is a new category of solution in the IT world. While seasoned IT veterans might argue that Identity-as-a-Service (IDaaS) has been around for years, we’re talking about a much more significant solution for IT organizations. In short, we’re talking about a truly comprehensive cloud identity management solution.

The advantages of IAM in the cloud are numerous, including increased efficiency, security, control, and agility. However, to fully understand the significance of this cloud-based approach to managing identities, let’s take a quick look at the development of identity management solutions and what has changed through the years.

Overview of Identity Management


The modern era of identity management dates back to the creation of LDAP (Lightweight Directory Access Protocol). LDAP was created in 1993 by our advisor, Tim Howes, and his colleagues at the University of Michigan. It was developed as a lightweight alternative to X.500, the precursor identity management solution, and has since been incredibly successful. In fact, LDAPv3 became the internet standard for directory services in 1997, and subsequently spawned two incredibly powerful on-prem identity management solutions: OpenLDAP™ and Microsoft® Active Directory® (AD). Both of these on-prem identity providers (IdP) were introduced in the late 1990s and have remained mainstays in the IT world ever since, although AD has been far more dominant on a market share basis.

Identity Management with Active Directory


It’s important to note that both Active Directory and OpenLDAP were introduced at a time when IT environments were effectively on-prem networks of Windows®-based IT resources. For example, the vast majority of systems, applications, files, and networks all revolved around the Windows OS. As a result, AD quickly became the core identity management platform in most IT organizations.

Of course, Active Directory worked well when IT infrastructure was all Windows. However, as Mac® and Linux® systems started to enter the network, AD struggled. Then came web applications like G Suite (formerly Google Apps), cloud servers at AWS® or GCP, storage solutions like Dropbox in the cloud or Samba and NAS appliances on-prem, and a lot more. Even the network itself shifted from a wired connection to WiFi. There are plenty of other examples; however, one aspect that all of these non-Windows IT resources share is that they are difficult to manage with AD. Over the years, admins realized that AD was only managing a small portion of the overall IT infrastructure. This has created a number of challenges with identity management as a result.

Mitigating Identity Management Challenges


You might think that would have been the end for Active Directory. However, rather than replace AD, a whole ecosystem of add-on identity management solutions such as web application single sign-on (SSO), identity bridges, multi-factor authentication (2FA/MFA), and more were created instead. The majority of these were designed to complement the on-prem AD instance because of how entrenched AD was in the market. While effective, the problem with this approach is that IT then needed to have multiple management solutions in order to manage their overall identity infrastructure.

The Next Step in Identity Management


Of course, it was these challenges that inspired a new generation of IAM in the cloud. These next generation IAM (Identity and Access Management) platforms are more than AD add-ons such as web application SSO. Rather, they are shifting the core identity management infrastructure to the cloud to be delivered as a service. For example, the JumpCloud® Directory-as-a-Service® platform goes above and beyond the use cases of AD to securely manage and connect users to their systems, applications, files, and networks regardless of their platform, provider, protocol, or location. In doing so, IT can not only eliminate AD on-prem, but also their entire on-prem identity management infrastructure (including all of their add-on solutions) in favor of a single, comprehensive identity management solution in the cloud.

Learn More About IAM in the Cloud


IAM in the cloud with JumpCloud Directory-as-a-Service can be highly advantageous for IT organizations. Sign up for a free account or schedule a demo to see how. We offer 10 free users to help you explore the full functionality of our platform at no cost. Of course, you can also contact the JumpCloud team for answers to any of the questions you might have.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.
