Have you ever wondered about IDaaS (Identity-as-a-Service)? This IDaaS 101 guide will go over what it is, how it came to be, and what IDaaS means in today’s IT scene.
History of IDaaS
The dominant on-prem directory service from the early-2000s to now is Microsoft® Active Directory® (AD). At its inception, AD managed on-prem Windows® systems and provided authentication to Windows applications users needed. However, as web applications grew and became more widely used in the enterprise, their identities needed to be federated to the web. So, third-party SSO providers started to appear.
Most SSO solutions were built around AD. When SSO was paired with AD and the SSO solution was delivered from the cloud, vendors branded it as IDaaS. This lent itself to the concept of cloud identity management (although the identity wasn’t really authoritative within the SSO solution) while also making it clear that it would be provided as a service, via subscription fees, from the cloud.
Together, web application SSO and AD created an IAM platform that could extend on-prem identities to the cloud. IT admins had a central location from which to manage their users, and users had a single identity for their on-prem resources and web-based applications.
A number of changes have taken place over the years that have rendered the coupling of web application SSO and AD less effective. Non-Windows OSs, like macOS® and Linux®, have gained traction at the enterprise level. AD isn’t a powerful tool for these systems, so newer organizations may leave those systems unmanaged, or forgo a directory altogether or add a directory extension solution, often at their detriment.
Many organizations favor cloud infrastructure as well. It’s secure, flexible, and can be accessed from anywhere. In fact, cloud infrastructure will likely replace virtually all on-prem infrastructure –– including data centers, data storage, and file servers –– in the near future. As a result the AD and SSO combination struggles even further with these new cloud infrastructure components.
Today, IDaaS is still often thought of as little more than web application SSO built around AD, Windows systems, and web applications. However, it needs to be more than that. Modern IDaaS should be True SSOTM. That is, one identity to securely access all IT resources, regardless of whether they’re on-prem or cloud-based. Modern IDaaS should be platform-agnostic, meaning it can manage macOS, Linux, and Windows systems. It should also be protocol-independent to help customers avoid identity lock-in, and cloud-based to keep in step with today’s IT trends.
There are many services that, when combined, can create a comprehensive IDaaS solution like the one described above. However, they generally must all sit atop a directory service first. In the age of cloud computing, on-prem directory services like AD aren’t as appealing as they once were. That’s why we’ve developed the world’s first cloud-based directory and modern approach to IDaaS, Directory-as-a-Service® (DaaS).
Directory-as-a-Service for IDaaS
Directory-as-a-Service provides user management capabilities, system management, web application SSO, privileged account management, password management, and MFA all from a single, cloud-based platform. It works for on-prem and web applications alike, and admins can use it to manage macOS, Linux, and Windows devices.
See how DaaS can provide IDaaS and more by scheduling a demo. Have a few questions? Feel free to let us know. We’d be glad to help.