If you are an IT admin, there’s little doubt that you have faced or soon will face the question, IDaaS or directory services? Why? Well, the IT landscape has changed so much that legacy approaches to controlling user access and managing systems are under tremendous pressure. Let’s dive into the question of IDaaS or directory services.
The Question of IDaaS or Directory Services
The analyst firm Stack Analysis recently tackled this topic in their paper comparing SSO and cloud directory services. First generation IDaaS (Identity-as-a-Service) platforms are essentially just web application single sign-on solutions, while directory services have been most synonymous with solutions like Microsoft® Active Directory®.
In the Stack Analysis research paper, a new generation of IAM solution is explored—the cloud directory service. This modern identity provider isn’t just Active Directory in the cloud, but rather a new approach on directory service as a whole. Cloud directory services are pushing to be the central point of control for users and systems and what those users need to access. These resources include systems, servers, applications, files, and networks regardless of platform, protocol, provider, or location. Now, that’s a far cry from the on-prem, Windows-centric Active Directory platform.
But this new identity provider approach seems to be frequently confused with another core IAM category, single sign-on (SSO). As web applications have become mainstays in organizations, connecting users to them has become more difficult. Active Directory doesn’t handle non-Windows and off-prem IT resources very well, so a new generation of vendors have created solutions to leverage AD identities to bridge user access to web apps.
So Which is Better?
With a greater shift towards cloud-based IT management tools, the question often becomes: can IT organizations replace their on-prem directory service with an SSO platform? The question often sparks more debate about system management, on-prem applications, file servers, and network access. Can an IT organization get away with just focusing on web applications and ignoring other IT resources, especially those on-prem?
For some organizations, the answer to that is yes. Their view is that the core of their IT resources are web applications, so systems just acts as dumb terminals, using a browser to access smart applications hosted in the cloud. Other organizations eschew that viewpoint and believe that systems are a critical place where work gets done, being that they are gateways to a wide range of IT resources. Depending on where you sit on that spectrum will often dictate whether IDaaS or directory services is right for you, and whether that is a reasonable comparison or not.
To learn more about the question of IDaaS or directory services, and which option is right for your organization, feel free to contact us with any questions you have. You can also explore the Stack Analysis whitepaper for more information, and/or read more about cloud directory services and single sign-on on our site.