By Rajat Bhargava Posted April 27, 2017
Many IT organizations are trying to make it easier for their users to access the IT resources that they need. This used to be an easy problem to solve because everything was on-prem and in-house, but with the cloud and SaaS applications becoming more and more prevalent, that’s no longer the case. On-prem solutions in identity management are giving way to cloud identity management approaches. One such solution is online single sign-on (SSO).
Early Single Sign-On
The concept of single sign-on really took off in the early 2000s with the introduction of Microsoft Active Directory®. Because the IT network was virtually all Microsoft Windows based, the advent of AD tied all of the Windows-based IT resources together with a single login. A user could login to their device while it was connected to the network, and those credentials would be authenticated via the domain controller. A successful login would result in the user being able to move from IT resource to IT resource without having to re-login.
That approach was wonderful for both end users and IT. There was less friction and frustration across the board. A forgotten password needed to be dealt with once and then the user was back in business to access whatever they needed. Provisioning and deprovisioning was centralized around Active Directory. It may not have been known as SSO at the time, but it still functioned exactly like it.
The Explosion of Online Infrastructure
But as web applications started to emerge, Active Directory started to struggle. The new IT resources in use weren’t on-prem anymore, nor were they Windows based. The challenge quickly escalated as the world started to shift to online applications. End users started to be more frustrated with their IT infrastructure, and IT admins bore the brunt of the unhappiness. This would force the admins into helping users in situations where they had no control and the worst part was that IT was losing control over security.
Recognizing this issue, on-prem SSO solutions quickly emerged. The solutions were integrated with AD, and at first this approach made a great deal of sense. These first generation SSO products were enterprise class and scalable. As more of the market made the leap to the cloud though, these legacy, on-prem, enterprise class solutions started to give way to the next generation of solutions, namely online single sign-on or IDaaS.
A wave of web application SSO solutions that were delivered as a service emerged. Because of their ease of deployment, these solutions gained a great deal of traction. However, the challenge with these first generation online SSO products was that they were still tightly integrated with Active Directory. Many IT admins were looking to replace Active Directory, but these first generation online SSO solutions weren’t making the leap so they were forced to stay on AD.
Replace Active Directory to Achieve SSO
A new generation of cloud identity management platforms has entered the market, offering the same type of unified identity that was once possible in an all Microsoft environment. At the forefront of this movement is Directory-as-a-Service®, which acts as the core identity provider, including online single sign-on functionality. This allows IT admins to securely manage and connect users and their IT systems, applications, and networks regardless of platform, protocol, provider, or location.
These tools are a significant step-up from their previous IDaaS experiences with AD extensions. Additionally with Directory-as-a-Service the concept of True Single Sign-On™ emerged. This is a conceptualization of SSO that dwarves the idea of the standard a web application SSO product attached to AD. Instead, Directory-as-a-Service and True SSO offer a single set of credentials to access everything from apps to systems and networks.
Learn More About True Single Sign-On
If you are interested in online single sign-on, take a look at True SSO by JumpCloud. Our cloud directory is enabling end users to leverage one set of credentials across virtually any IT resource, and IT admins get the benefit of only having one identity provider to manage. Check out our next generation virtual cloud directory for yourself with a free account. Your first 10 users are free forever.