By Ryan Squires Posted February 14, 2019
With so many moving parts and pieces in the IT landscape today, IT organizations are completely rethinking their traditional approaches to identity management. Many are even questioning the foundations of IT itself, the identity provider (IdP). A great example of this is how many are wondering why they should have Microsoft® Active Directory® or an on-prem identity and access management (IAM) platform at all in the cloud era. With that thought in mind, this post will discuss the benefits of identity management.
Identity Management Primer
Before diving in, it is key to get a firm understanding of how we got here in the first place. The modern era of identity management really kicked off with the advent of the LDAP protocol at the University of Michigan by Tim Howes and his colleagues. The success of LDAP would lay the foundations for the birth of two additional core identity management platforms—the open source solution, OpenLDAP™, and the commercial solution, Microsoft® Active Directory® (MAD or AD).
These two platforms were designed to help control access to on-prem IT resources such as servers and applications. AD took it a few steps further by helping IT organizations control access to Windows® desktops and laptops, as well as securing and managing the user identities themselves. With Active Directory in place, IT organizations had a unique ability to provision user access to what their team needed via a single set of credentials. At the same time, IT admins could maintain strict control and security over their IT resources with Group Policy Objects or GPOs.
Dried-Up Benefits of Traditional IAM
While this system was great for Windows-based networks, the model was completely blown up with the advent of cloud infrastructure from Amazon Web Services® (AWS®) and web applications like Salesforce® and Google Apps™ (now G Suite™). With these new tools in place, end users now had to endure the friction and frustration of using many different services with many different ways to log in. Some sets of credentials worked for the Windows-based systems, while another set worked for web applications, and yet another for the WiFi network. As a result, users had to remember multiple passwords and often took shortcuts such as using ‘Password123’ across multiple resources. That, in turn, left IT admins living in constant fear of being compromised. And unfortunately for them, the traditional identity management approaches (AD and OpenLDAP) were of little help with this new generation of IT resources.
Benefits of Modern Identity Management
Thankfully, a new generation of identity management solutions has arrived, beamed down from the cloud. Both of the directory services platforms discussed in this article live on-prem and require ongoing maintenance. Hosting and maintaining them can really chew into an IT admin’s time. Plus, because these solutions are purchased software licenses, they go out of date and require upgrading after 3 to 5 or so years. Finally, when you factor in that Microsoft® Active Directory® undergoes sunsetting and end-of-life distinctions, it’s really more of a hassle to keep your on-prem instance up and running than it is to just pay for a more cost-effective service from the cloud.
The next generation of identity management is delivered as a service from JumpCloud® Directory-as-a-Service®. Because of its SaaS nature, Directory-as-a-Service has a dedicated team of professionals working to keep it secure and up-to-date, thus offloading the heavy lifting from your shoulders to third-party experts. When it comes to identity management, JumpCloud enables IT admins to automate secure user onboarding and offboarding so user access can be granted and removed efficiently. Further, JumpCloud enables user access to virtually all of the IT resources that a user could need, including both on-prem and cloud resources. That means systems (Windows, Mac, Linux), cloud servers from AWS, web applications, files in the cloud and on-prem, and networks through RADIUS are all within reach of a user and accessible via a single set of credentials with True Single Sign-On™.
For system management, JumpCloud’s GPO-like Policies enable IT admins to implement system security standards like 2FA, full disk encryption, OS updates, lock screen settings, and many more remotely from anywhere there is an internet connection. The end result is that IT organizations, admins, and users can all enjoy the benefits of identity management, reimagined for the modern era of IT.
Learn More about Directory-as-a-Service Benefits
If you’re ready to see how a modern directory provides the benefits of identity management, feel free to sign up today for a free JumpCloud account. A JumpCloud account enables you to manage up to 10 users for free using the full breadth of the Directory-as-a-Service product. No credit card required. If you’d like to further discuss the benefits of identity management with one of our product experts, drop us a line. Also, make sure to check out our Knowledge Base for technical information should you encounter any hiccups.