IdaaS Authentication Event Auditing & Compliance

By Rajat Bhargava Posted February 14, 2017

Today’s IT environment is high risk. There are threats around every corner.

That makes it a high-stress environment for IT admins. The next compromise could be you – and the worst part is you may not have even done anything wrong.

The problem is that identities are being compromised at unprecedented rates. Due to human behavior, those external compromises could impact your organization. A new breed of Identity-as-a-Service function for authentication event auditing and compliance is emerging to help address this issue.

Security Vigilance

It’s never been more important to be vigilant about how your end users are leveraging your IT infrastructure. In fact, many compliance regulations and statutes are mandating that IT organizations review login events to critical infrastructure and systems. Historically, this problem has been incredibly painful, requiring any number of third-party solutions. Now, with the move to the cloud, the problem is becoming even more complex.

It used to be that the core of an organization’s identity and access management infrastructure was simply Microsoft Active Directory®. Since virtually all of an organization’s systems were hosted on-prem and Windows based, the problem was more contained. A third-party product could extract the login events from AD and present them in a reasonable format. This data was critical for compliance activities and for IT admins to review for security purposes.

Compliance Starts with Identity Management

While the IT landscape shifted to be more heterogeneous with cloud and on-prem resources, the complications of gathering authentication and event data rose. Event data was now in a wide variety of locations causing IT admins more headaches. As new IAM technology was introduced, the consolidation of identity management tools started to take place. This meant that a new generation of technology could be used for event logging and audit data. Nowadays, compliance begins with identity management.

Authentication Event Auditing and Compliance via JumpCloud®

Identity-as-a-Service has become the next-generation platform reimagining the legacy, on-prem solutions Active Directory or OpenLDAP. The goal of IDaaS is to centralize the identity provider function and enable virtually any IT resource to authenticate against it. This means that Windows, macOS, and Linux devices are centrally controlled for user and device management. Cloud applications and infrastructure are managed similarly to on-prem IT resources. Authentication data from these logins are logged to the cloud-hosted directory service. IT admins can subsequently download the data and analyze it through reporting and SEIM tools.

If you would like to learn more about the authentication event log data that you can generate from our Identity-as-a-Service platform, drop us a note. Also, sign up for a free account and check out our event logging functionality. Finally, please know that your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts