Identity And Access Management 101

By Katelyn McWilliams Posted January 4, 2019

Welcome to identity and access management (IAM) 101, where we’ll cover the history and value of the IAM market. For many years, identity management has been largely a sleeping industry – important, but mostly out of the spotlight. Over the last few years, though, there has been tremendous innovation in the identity and access management sector.

Identity and Access Management 101: LDAP

IAM 101 could be said to start in the early 1960s, when Fernando Corbato invented the first computer password at MIT. But the spark that kicked off the modern era of identity and access management was the creation of the Lightweight Directory Access Protocol (LDAP) in the early 1990s. Developed by JumpCloud advisor Tim Howes and others at the University of Michigan, LDAP was designed to be a lightweight version of the X.500 directory services protocols that were being implemented at the time.

Many organizations began using LDAP to store username and password information as well as a variety of other attributes (such as address, telephone number, group, etc.). Due to its capacity to authenticate and authorize user access, LDAP became a core directory service protocol for the Internet.

The LDAP protocol would go on to serve as the cornerstone for two key innovations in the IAM marketplace – Microsoft® Active Directory® (AD) and OpenLDAP™. Both of these on-prem identity providers (IdPs) were brought about in the late 1990s and quickly became foundational in the IAM realm.

The Rise and Fall of Active Directory

When AD and OpenLDAP were introduced, the vast majority of IT infrastructures were networks of Windows®-based resources. Not surprisingly, Microsoft Active Directory became a dominant force in the directory services space. Given an environment that was entirely Windows, with on-prem servers and software, IT admins couldn’t imagine a more time- and cost-efficient identity provider.

But as time went on and the IT landscape evolved, AD’s Microsoft-centric approach became a limiting factor. New types of IT resources emerged, such as web applications like Salesforce® and Freshdesk®, cloud infrastructure like AWS® and GCP, and laptops, desktops, and servers from Apple® and Linux™. IT admins began looking to replace AD, but it was difficult to replace such a foundational element of an organization’s network. Instead, the Active Directory playbook became all about finding and implementing add-on solutions such as identity bridges, web application single sign-on (SSO), privileged identity management, and much more.

IAM Shifts to the Cloud

The thought process was that AD would always have to be in place as the core identity provider for an organization. But lately that attitude has started to shift. The new reality of modern, heterogeneous IT has driven a need for the next generation of IAM solutions to be delivered from the cloud and made for mixed platform/provider environments. More and more IT organizations want to permanently move away from the traditional on-prem, legacy identity provider. In other words, they are looking for a future-proof approach to identity management.

Introducing Directory-as-a-Service

Luckily, a solution known as JumpCloud® Directory-as-a-Service® takes the traditional approach to identity and access management and offloads it to the cloud. Offering remote endpoint management, JumpCloud can manage fleets of any system type (Mac, Linux, or Windows) and can provide a True Single Sign-On™ experience by enabling end users with one identity to access virtually all resources, regardless of platform, protocol, location, or provider.

To learn more about Directory-as-a-Service, you’re welcome to check out our YouTube channel for tutorials, demos, and more. If you have any questions regarding the JumpCloud platform, you can contact us here or schedule a demo to see the product in action. To get a hands-on experience yourself, you can sign up for a JumpCloud account; signing up doesn’t require any payment information and comes with ten free users to get you started.

Katelyn McWilliams

Kate is a Content Writer at JumpCloud. She moved to Boulder, Colorado from Seattle in 2017 with experience in marketing for IT under her belt. When she isn't writing about tech, she enjoys rock climbing and petting every dog in sight.
