By Jon Griffin Posted June 16, 2017
Managing user access is one of the most critical tasks that IT organizations undertake. Today, more than ever, it is not only a service function to organizations, but also one of the most important security tasks. Unfortunately, managing user access has become far more complicated in the cloud era.
A Brief History of User Access Management
User management started, in earnest, almost two decades ago with the introduction of two seminal tools: LDAP and Microsoft Active Directory® (AD). Very quickly, Active Directory became the market share leader. This made a great deal of sense because the IT environment was largely on-prem and based on Microsoft Windows. As a result, provisioning and deprovisioning users was mostly straightforward. IT admins would add the user to AD and the user would subsequently have access to other resources within the domain. Of course, this was only possible in a homogenous network.
Fast-forward to modern times, and the IT environment is dramatically different. Windows is only running on one in five devices (Forbes). Mac and Linux machines are making huge inroads, and mobile devices are as well. The data center has shifted to the cloud and is delivered via AWS and Google Cloud, among many others. Web applications are replacing on-prem applications that were traditionally based on Windows. This mixed and heterogeneous IT environment is not only a challenge from an IT admin’s perspective, it is also difficult for end users.
Over the past two decades, instead of having a few login accounts, end users have acquired dozens of unique accounts. Not only does that create friction and frustration for them, but it is also a massive security risk for IT. End users find it tedious to manually access unique accounts. This causes them to create simple and common passwords. Users will often rotate between a few passwords, or they will use the same password with multiple systems or applications. Of course, this is a massive security risk and something that IT admins are extremely wary about.
Modern Challenges & Solutions to Managing User Access
On the IT side, the explosion of infrastructure, web-related systems, and services means more accounts that need to be manually provisioned and de-provisioned. A change in headcount causes a great deal of onboarding and offboarding work. An addition or deletion of a system or application causes the same process – more user accounts being created or deleted. The sum of all of these changes adds up across the enterprise and that makes for unhappy IT admins.
The cloud era has spawned a new category of user management system – Directory-as-a-Service®. IT admins simply add their users into the cloud identity management platform and then connect those users to the IT resources they need, including systems, cloud servers, on-prem and web applications, and wired or WiFi networks. As a SaaS-based user management system, Directory-as-a-Service connects virtually any IT resource regardless of provider, platform, protocol, or location. IT admins save time and effort while dramatically stepping up security. End users reduce their frustration and simplify their login experience across a disparate set of IT resources.
Learn More About User Access Management
Managing user access across an IT network is now a challenging job with very real risks that go along with it. If you would like to learn more or ask questions about managing user access, feel free to contact us. We are always happy to answer any questions. Fortunately though, modern cloud identity management solution like Directory-as-a-Service can simplify the process. IT admins can give the IDaaS platform a try for free. Sign up for an account and your first 10 users are free forever.