By Jon Griffin Posted January 29, 2018
Major identity breaches have become more common than ever, and many of them come down to something as simple as a single set of credentials. Just one compromised identity can end up being catastrophic to an organization. Just ask companies like Equifax, Target, eBay, and Yahoo (CNN). Becoming the victim of a compromised identity can destroy a tremendous amount of company value. As a result, organizations everywhere are heightening their focus on security. So when IT admins start considering methods they can use to protect their organizations, one common question keeps coming up. Can a managed identity security platform help?
Traditional Identity Security
Historically, identities have most often been stored within the Microsoft Active Directory® (AD) platform. This identity provider was created in the late 90s, and over the last two decades it has become a monopoly in the space. Even as new technology came out that AD couldn’t support, most products chose to build on top of AD rather than try to replace it. There wasn’t much of a choice, due to AD being the backbone of so many organizations. As a result, a large number of organizations use AD for identity security.
Active Directory’s model for identity security has always been to keep identities at the center of the network and build strong security mechanisms around them. This strategy for defense is in depth, and the layered security model has been the approach for nearly two decades now. It worked well over that time, but it is quickly losing its effectiveness.
Why AD Identity Security is Not as Effective Anymore
Unfortunately, with the modern approach to IT networks, this layered security model is now being blown up. With the introduction of the cloud, mobile devices, remote workers, and more, the assumption that an IT network has a perimeter and a center is no longer valid. When operating in this new IT network, where does Active Directory live? The answer is it doesn’t.
These challenges have led modern IT organizations to shift to a cloud identity management platform called JumpCloud Directory-as-a-Service® (DaaS). The modern IDaaS approach used by this platform isn’t predicated on a central, on-prem network. In fact, users and IT resources can live on-prem, in the cloud, or even remotely.
As a result, identities are able to be hosted securely in the cloud within the hosted identity provider. IT admins regain full control over their identities with the ability to ensure strong password complexity and enforce multi-factor authentication. All of these credentials are also one way hashed and salted, and all data is encrypted in flight and at rest.
This modern approach to managed identity security can be a significant step up in security for companies, and it grants IT organizations the ability to shift their IT infrastructure to the cloud.
Managed Identity Security With JumpCloud
If you want to hear more about managed identity security with a modern IDaaS approach, make sure you contact the JumpCloud team. We would be happy to answer any questions you might have on the topic, and we can also set up a demo so you can see it for yourself. The world is moving to the cloud, and it’s important that identity security moves with it. Another option that you can take to learn more about the platform is to sign up for a free account. We offer 10 users free forever, ensuring that you can test the cloud-based directory at your own pace. Check it out, and see why JumpCloud is the modern directory for modern IT.