
Identity Management Solutions



There is a wide variety of identity management solutions on the market today. Many of these solutions are vestiges of the past. Historically, networks were largely homogeneous, resulting in simple identity and access management platforms. Organizations merely had OpenLDAP or Microsoft Active Directory as their core user database; this served their needs well. As the IT infrastructure changed, so too did the need for a wide variety of solutions. What was done to satisfy this growing need? Vendors created a number of solutions that were built on top of the core user directory. Let’s take a closer look at these identity management solutions.

Examining the Categories of Identity Management Solutions  

Directory services

Directory-as-a-Service is the core user database where users are stored. The directory serves as the central point of control and authentication of IT resources. Historically, the directory was hosted on-premises, but modern implementations are using a cloud-hosted directory service that will accept LDAP, SAML, SSH, RADIUS, and other protocols.

Directory extensions

This category emerged as Macs and Linux devices became even more popular. Directory extensions effectively were built on top of Microsoft AD, enabling organizations to authenticate and manage Mac and Linux machines. In modern identity management solutions, the three major platforms – Windows, Mac, and Linux – are all centrally managed and treated as first-class citizens.

Web application single sign-on

Cloud applications presented IT admins with another vexing problem: how do you leverage a single set of credentials to access applications hosted in the cloud? This problem was solved by a cadre of web app SSO products. Built on the SAML protocol, these solutions would integrate with the core user directory and federate those credentials out to the web applications. Modern Identity-as-a-Service platforms tightly integrate web app SSO with directory services.

Privileged account management

A category with deep history in the network and server space, these solutions would create a systematic mechanism to access routers, switches, storage infrastructure, and servers. Of course, these high-value, critical systems had more tightly controlled access than less critical IT resources. This category has largely been absorbed by modern Directory-as-a-Service platforms.

Password managers

As the pressure mounted to thwart hackers by creating complex passwords, a new solution category emerged. The password manager is meant to simplify the lives of each user by creating a vault of their difficult-to-remember passwords. The user remembers one strong password and then is able to unlock all of their other passwords.

Multi-factor authentication

As security takes a front-and-center seat in IT, organizations are employing the capability to add another user authentication ‘factor’. This factor is generally a hidden layer in addition to the authentication that the user is aware of. Multi-factor applications are available on smartphones; integrations with devices and applications are also available.

Governance

With an increase in security breaches, more identity management infrastructures are also including auditing, logging, and governance capabilities. These functions are critical to knowing who accessed what, when, and how. This information supports compliance activities and is invaluable during a potential security incident.

DaaS: The Identity Management Solution You Really Need

Today, these categories are still in place, but there is a new movement towards cloud-based identity management solutions. This category is often referred to as Identity-as-a-Service or Directory-as-a-Service.

These categories integrate a great deal of the identity stack. The reason is that a core user platform is needed to connect to a wide variety of solution types. These solutions can be located in the cloud or on-premises and consist of different platforms and protocols, but they only need one set of credentials. The ability to be a True Single Sign-On solution – not just for web applications – is a critical part of IDaaS and the next generation of identity management solutions.

If you would like to learn more about how Directory-as-a-Service is delivering on the promise of a True SSO platform, drop us a note. We’d be happy to walk you through the capabilities of the platform as well as offer you a free account. Your first 10 users are free forever.

