By Zach DeMeyer Posted January 8, 2020
With all of the disparate IT resources at play in an organization, IT admins armed with traditional identity management tools struggle to manage access to them. In an ideal world, rather than a multitude of identities, IT admins can supply their users with one comprehensive set of credentials, meaning one login to all IT resources.
Historically, this capability appeared to be a fantastical one, a flight of fancy akin to the mythical quest for the Holy Grail. But thanks to innovations in the modern cloud era, the concept of one login for all IT resources is closer than you might think.
History of Identity Management
IT admins know how difficult it is to provide end users with a single, comprehensive set of credentials. With a host of web-based applications, cloud infrastructure, a variety of endpoint systems, wireless networking, and more, IT admins have a tough time keeping track of all of the username/password combinations that each resource requires. For the end users who leverage them, the task is even more arduous, which usually results in upticks in help desk tickets.
The First Unified Identity
Things weren’t always this way. In the early days of IT, admins relied upon Microsoft® Active Directory® (AD) to manage their users’ identities, which provided a core set of credentials for virtually all IT resources (as long as they were Windows-based).
Microsoft’s Windows® operating system (OS) was the de facto standard for nearly all systems used in the workplace. The OS dominated the applications space as well, and since the network consisted of wired connections, AD managed everything with relative ease. This near monopoly of the IT space established what is now known as the Windows domain, with AD as the domain controller. Of course, the IT landscape at that time was drastically different than it is now.
Disparate Times, Disparate Measures
After the Software-as-a-Service (SaaS) boom of the mid-2000s, Active Directory started to lose its grip on the average IT environment. Although these innovations revolutionized work as we know it, they presented a major problem for IT organizations. Many of these new resources existed outside of AD’s domain, and as Mac® and Linux® endpoints started to proliferate within the modern office, the unified identity of Active Directory began to fracture.
In order to propagate on-prem Active Directory identities to these resources, IT organizations needed to employ the assistance of third-party identity management tools. Among the most popular of these were web application single sign-on (SSO) solutions, which were soon dubbed Identity-as-a-Service (IDaaS). Even today, IDaaS solutions remain one of the most widely used identity management tools alongside AD.
Unfortunately, much like the resources they authenticate to, IDaaS and other similar tools still fracture the once-unified identity of Active Directory. As such, it appears that leveraging AD in the modern era for a comprehensive identity for all IT resources is out of the question.
Leveraging One Login for All IT Resources
Although utilizing a single set of credentials to encompass all resources seems mythical at best, there is a solution: the cloud directory service. As a concept, the cloud directory service reimagines identity management as it once was, creating a unified domain for virtually all of today’s disparate resources.
Using a cloud directory service, IT admins provide end users with one set of credentials they use to access anything: their systems (Windows, Mac, Linux), their applications (on-prem and cloud), wireless networks and VPNs, cloud infrastructure, file servers, and much more. And, since this is leveraged entirely from the cloud, admins can do so regardless of their users’ locations.
If you’re interested in providing your user base with one login to all IT resources backed by serious identity security, consider a cloud directory service for your identity management. Contact us if you’d like to learn more.