By Rajat Bhargava Posted February 15, 2017
Identity-as-a-Service solutions are all the rage right now in the IT world. In fact, just about every identity and access management solution is currently calling itself an IDaaS platform.
Unfortunately, this often amounts to little more than “cloud-washing” an existing product. This type of superficial re-branding for the cloud has been happening in other IT segments for years, so it’s no surprise that it’s taking place in the IAM world too.
However, there are ways to tell the real players in the IDaaS world from the pretenders. A key area to observe is whether an Identity-as-a-Service function for system level 2FA exists.
Web App or True Single Sign On™?
Historically, most IDaaS solutions simply were web application single sign-on. The IDaaS providers and analysts came up with a fancy name for what was effectively a simple category – SSO. At the time, Microsoft Active Directory® was the core, authoritative identity provider for most organizations. This made a lot of sense since the IT landscape was largely Microsoft Windows and hosted on-prem. When web applications started to take off, a new category of identity management was born. The SSO solution delivered from the cloud was subsequently named Identity-as-a-Service.
Fast-forward to today, and the world looks very different. Windows is only one in five devices [Forbes]. Cloud infrastructure provided by AWS, Google Compute Engine, and others is the norm. Web applications are used throughout the organization, and WiFi is ubiquitous. All of these changes ripple through to what the core identity management platform is for an organization. This was traditionally handled by AD and other point solutions. Today, there is an alternative that is a true Identity-as-a-Service platform that centralizes user access to a wide variety of IT resources. The solution is called Directory-as-a-Service®.
Modern IDaaS Platforms Include System Level 2FA
A key component of that IDaaS platform is multi-factor authentication into systems. As organizations move to Linux and macOS systems, Directory-as-a-Service is enabling an increased level of security with 2FA into systems.
Multi-factor authentication into systems is one of the most significant security mechanisms that an organization can implement. Why? A stolen username and password is not sufficient to access the machine. The person attempting to access the system also must have the smartphone that generates or receives the pin code that needs to be entered. This effectively negates most hacking attempts into a machine because the hacker does not have the user’s smartphone. Modern IDaaS platforms include this MFA capability for systems.
It’s not enough to just use the term Identity-as-a-Service. As the IT landscape shifts dramatically, any modern IDaaS platform must be positioned to solve the needs of its clients. A key Identity-as-a-Service function for system level 2FA is part of the requirements for a modern directory service.
JumpCloud® Is a True Identity-as-a-Service Platform
If you would like to learn more about how IDaaS is moving beyond web application SSO and to security-oriented features such as system level 2FA, drop us a note. Also, give our Directory-as-a-Service platform a try and level-up your security with MFA for your systems. Since your first 10 users are free forever, try it today.