The identity provider or directory service is the core user database within an organization. The user store controls access to IT resources across the network. The identity provider was born out of the need to centrally manage user access to systems and applications. The idea of central user management control grew out of the increasing demand to provide user access to more and more IT resources. A user could be provisioned or deprovisioned from one spot, and the appropriate access would be enabled or disabled. Over time, the challenge for IT admins has been the ongoing implementation and management of their identity provider. Luckily, a new breed of solutions is building out a managed identity provider. This will off-load work from the IT organization and transfer it to a third-party service provider.
Gaining Control over User Access
In the modern Internet era of IT, the identity provider of choice for most organizations was Microsoft Active Directory. Microsoft introduced the solution in 1999 to create a central directory service to control user access. At the time, networks were homogeneous; Microsoft Windows was the platform of choice. As a result, Windows-based systems and applications were the norm, so it made sense to have a central user directory to manage access to those devices and applications. Microsoft enhanced its position by also leveraging a True Single Sign-On approach, thus enabling single login user access to virtually any resource on the network.
Decreasing Dependence on Internal Resources
Of course, the shift to the cloud has dramatically changed the role of the identity provider. Gone are the days when IT resources and users were all located internally. Cloud infrastructure and web applications are a core part of IT networks today. Those resources often rely on an identity provider to grant user access. The challenge with on-prem directory services, such as Active Directory, Apple Open Directory, and OpenLDAP, is that they struggle to integrate with cloud environments. The shift to heterogeneous platforms causes issues as well. Most of the directory services have been optimized for one platform: AD for Windows, Open Directory for Macs, and OpenLDAP for Linux. IT admins are adjusting to the mixed locations, protocols, and platforms found in the modern identity management landscape.
Achieve Success with Managed Identity Provider Solution DaaS
Directory-as-a-Service® is a managed identity provider solution that addresses these challenges. Because the platform is independent, all of the major operating systems are treated equally. Cloud systems and web apps are tightly integrated. LDAP and SAML support enables both on-prem and cloud applications to seamlessly coexist. Another great feature of the DaaS platform is the ability to secure WiFi networks through the use of the RADIUS protocol. Because the cloud directory service is delivered as a SaaS-based offering, the heavy lifting of installation, configuration, and management of the identity provider is handled by the service provider, off-loading a tremendous amount of work.
If you would like to learn more about how Directory-as-a-Service can be your managed identity provider, drop us a note. We’d be happy to discuss it with you. Or, if you’d like to try it for yourself, please sign up for a free account.