By Rajat Bhargava Posted August 7, 2015
The holy grail in Identity and Access Management is giving a user access to any of the resources they need with just one secure password. Those IT resources could be their devices, applications, or networks. Ten years ago this was largely possible because the world was homogeneous. It was based on Microsoft Windows and just about everything was within the corporate walls.
With Changing IT, One Password is no Longer Enough
Over the last decade, though, the world of IT has been turned upside down. Apple has emerged as a dominant device player. Google is a major cloud application provider. And AWS is the go-to Infrastructure-as-a-Service provider.
No longer is Microsoft Windows the only operating system in use at most companies. Linux and macOS are perhaps just as prevalent across an organization as Windows. Modern organizations are shifting much of their infrastructure – hardware and software – to the cloud. The pay-as-you-go model along with the reduced management overhead is attractive to organizations of all sizes.
One Password Management Solution – DaaS
Of course, all of this shifting and changing in the IT landscape has a significant trickle-down effect on identity management. How do IT admins now centralize their corporate identities and federate them to all of the IT services that their employees need regardless of platform or location? At JumpCloud, we’ve been thinking about this problem for a while now and believe that Directory-as-a-Service is the answer.
In order for IT admins to deliver one-password access to their employees, their core, authoritative directory must be able to cut across platforms, devices, operating systems, protocols, locations, and more. It must be incredibly flexible to connect to just about any type of IT resource that the IT organization needs. Legacy software solutions such as Microsoft Active Directory and OpenLDAP struggle with the task – they are deeply tied to specific platforms or protocols. Also, their inward-facing nature leaves them lacking when connecting to more modern cloud applications and infrastructure.
What’s needed to accomplish the task of one password for all corporate IT resources is a modern directory service. I’m talking about a directory that’s hosted in the cloud so it can natively connect to both cloud and on-premises infrastructure. This modern directory needs to support multiple protocols and device platforms such as LDAP, SAML, Windows, Linux, Mac OS X, and others. A cloud-based directory can’t play favorites – it has to be able to connect to anything that the organization needs.
A Solution for One Password, One Identity
JumpCloud’s Directory-as-a-Service fits the bill. Sometimes put in the category of Identity-as-a-Service or Identity Access Management, JumpCloud’s cloud-based directory service functions as the core solution for a company’s user management. A single password inside of JumpCloud can be used for device, application, and network access.
JumpCloud doesn’t stop there. It seamlessly integrates with Google Apps to provision and deprovision access to that infrastructure. JumpCloud can also be tied to any number of Single Sign-on (SSO) providers to ensure that the one password in JumpCloud can be federated to thousands of Web applications.