By Jon Griffin Posted July 2, 2019
Is an online Active Directory® solution the next generation in identity management? As just about every type of software and management solution moves to the cloud, the question is: “Why hasn’t Microsoft® Active Directory or identity management in general moved to the cloud also?” In this blog post, we’ll discuss the limitations of an online Active Directory solution, and the alternatives to Active Directory for cloud implementation.
Active Directory’s Origin
Active Directory was created in the client / server era when the Internet / web was just emerging. At the time, Windows® was the dominant platform and virtually all IT resources were on-prem. IT departments tightly managed the environment, so implementing a management solution like Active Directory made a great deal of sense. IT would have more control, and users would get easier access to the IT resources they needed.
Any Windows-based applications, file servers, systems, and other IT resources could be easily managed and connected with Active Directory. The benefits to IT were tremendous, including the ability to provision, deprovision, and modify user access, secure identities and force stronger passwords, and create a central point of information for logging and compliance. In fact, AD’s benefits were so compelling that it quickly became the de facto standard and the market share leader.
IT Needs Changed; Active Directory Didn’t
As the IT world started to change, though, the downstream consequences started to appear. Many IT organizations started to make the shift to the cloud with their web applications and server infrastructure. Solutions such as Salesforce™ and AWS® became poster children for the move to modern IT resources. Windows devices started to be replaced by Mac and Linux systems. Mobile phones and tablets became ubiquitous. All of these changes wreaked havoc on the management tools that IT needed to control and secure the IT network, and AD couldn’t keep up.
One of the most critical systems in an organization is its identity management platform, namely Active Directory. As the IT network changed, AD came under more pressure. It needed to manage cloud resources and mixed-platform environments. The initial idea to solve this problem was to shift to an online Active Directory model – or an AD in the cloud. By moving AD to be hosted in the cloud, IT admins could try to connect more remote resources to AD. Of course, more security and networking were needed, but since a dominant share of IT resources were Windows-based, the move still made sense.
As Windows became only one in five devices (Forbes), though, the idea behind an online AD started to morph into the concept of a cloud identity management platform. The idea would be to have a platform-neutral cloud directory service that could work with on-prem, cloud, and remote resources. Mac and Linux devices would be first-class citizens, just as Windows was on AD. Office 365™ would be treated just like G Suite™ or AWS. Protocols such as LDAP, SAML, RADIUS, and others would key off of one user management database. The idea was to reimagine the concept of an online Active Directory to be more general – a cloud directory service.
This approach created a tremendous number of benefits for IT admins and users alike. IT had one identity management platform instead of multiple, while being able to choose whatever IT resources were best for the organization. End users would have True Single Sign-On™: one secure set of credentials to log in to all of their IT resources.
Cloud Identity Management is the Future of Active Directory
If you would like to learn more about online Active Directory and why cloud identity management is the next generation of AD, drop us a note. We’d be happy to walk you through the history of the identity management space, and why modern IDaaS is emerging as a must-have for IT organizations. You can also sign up for our cloud directory service for free. Your first 10 users are free forever.