The COVID-19 outbreak forced many organizations globally to find new ways to maintain business continuity and keep employees and customers as safe as possible. For many of these organizations, the onus fell on their IT departments to mobilize end users to work effectively from anywhere in the world.
In the process, however, many IT administrators found that the core of their identity and access control toolbelt — their directory service — was ill equipped to handle a fully remote workforce. With that in mind, let’s hone in on the role the directory service plays in modern IT business continuity, and how IT organizations can pivot their approach to best support their workforce, regardless of whether they’re remote or in-office.
The Role of the Directory Service
Core directory services are the lifeblood of an IT organization. They connect users to their IT resources including systems, applications, files, and networks, and allow IT admins to dole out access privileges based on department and role. Beyond that, directory services enable IT admins to configure and control endpoints like systems and servers to ensure they’re secure and performing at peak capacity.
From a business perspective, the role of the directory service is a crucial one: It is responsible for both enabling end users to work effectively as well as securing an organization from attack. This two-pronged responsibility makes the directory service essential for IT admins’ ability to organize, manage, and maintain their user base from their first day to their last shift.
Directory Services Past
Historically, the directory service has lived on-premises, with Microsoft® Active Directory® (AD) often filling the starring role. Over time, AD became a ubiquitous feature of many IT organizations, with most building their entire IT infrastructures around the platform. This practice was the basis for the concept of the domain, a perimeter-protected network where end users had instant access to all of their IT resources, provided they were logged into the on-prem AD instance.
For years, this approach served IT organizations well, creating fairly seamless workflows for both admins and users. By streamlining these processes, organizations not only keep employees operational, but also makes them and IT admins more efficient in the process, improving their business’ output.
On-Prem Directory Services in a Changing World
But, as internet adoption grew and resources like applications moved to the cloud, AD’s hold over IT resources waned. AD controlled resources that existed within its on-prem, Windows®-centric domain, so as more facets of the IT solution stack moved to the cloud, AD struggled to keep up.
The uptick in remote work amid the outbreak of COVID-19 increased the challenges with AD even moreso. Traditionally, end users worked from inside of AD’s domain, making them easy to secure. With fully remote work, AD’s once-seamless management capabilities create more hassles than solutions.
With the directory service housed on-prem, remote IT admins need to invest in solutions like VPN infrastructure to be able to maintain control despite not tending to the directory service in person. In the case of server failure, most cases require that the admin goes into the office to fix the problem directly, a tough ask during quarantine lockdowns.
From the end user’s perspective, they also need to leverage VPNs to securely access the domain to receive changes to their identities and access rights. Often, the end user will do so from their insecure home network, opening up potential attack vectors that admins can’t secure.
Overall, these drawbacks also impact the organization’s business continuity. Outages and diminished control mean that employees are less likely to be able to work effectively while also introducing security vulnerabilities that can spell disaster for an organization’s short and long term business goals.
Addressing the Problem: The Domain
So, as IT organizations prioritize business continuity during turbulent times, many have found that their on-prem directory service is the main source of their woes. After all, any downtime during the workday can put remote organizations out of commission while IT admins scramble to fix problems they can’t address in person.
This issue leads many admins to reconsider their directory service and the concept of the domain altogether. With a remote workforce, end users and their resources are outside of the domain, rendering it outdated, a relic of a bygone era. The traditional approach to managing users just can’t keep up with the demands of modern IT.
That’s why tens of thousands of today’s organizations have turned to a domainless approach to IT. In a domainless enterprise, IT admins use a cloud directory service to control user identities and workstations, making it easy to manage an organization regardless of what resources are at play or whether end users are in-office or working from home.
Like with a domain-bound approach, the backbone of domainless IT is the directory service, but instead of being limited to the four walls of an office, this directory service spans the globe through the cloud. This cloud directory service also isn’t tied to any particular vendor or protocol, providing a first-class level of service to all users and IT resources, including web apps, systems (Windows, Mac®, and Linux®), servers, and other infrastructure.
Using a cloud directory service, IT organizations maintain their business continuity alongside the level of control they once experienced through the on-prem domain. Regardless of whether an organization is in-office or fully remote, a cloud directory service means they keep a continuous level of security and control, allowing their end users to work smoothly and effectively with little to no disruption.
Curious how the domainless approach to IT works? Check out this presentation of one IT admin’s journey from a struggling, domain-bound environment to a thriving domainless one, and the benefits of centralizing IT through a cloud-based directory service.