A decade ago, nobody questioned the ROI of AD. In fact, nobody would question whether or not you needed Active Directory®. It was just assumed.
More recently, the ROI of Active Directory has become an interesting conversation.
The Old Equation
Microsoft® Exchange® and Active Directory were a duo that went into every IT organization. There were very few macOS® devices and Linux® machines at this time. Microsoft Windows® was the standard. Applications were largely on-prem and the data center was either in the building or connected to it via VPN.
The concept of the ROI for Active Directory was pretty simple.
It connected all of your users to the devices and applications they needed. As the organization grew, the investment in AD paid off even more. It connected more users to IT resources automatically which otherwise would have been done manually. The IT overhead alone would have crushed even a relatively large IT organization. Of course, most organizations were lean on their IT staff which meant that management tools were critical – AD perhaps the most critical of all. The ROI of AD in this era was mostly just calculated by the hours saved, but the security aspect of Active Directory was also important.
Also, at that time there were no real alternatives.
OpenLDAP™, the open source directory service leveraging LDAP, could have been used, but time and effort required to make that work with a Windows-centric environment made it a non-starter. So, the effort of purchasing, installing, configuring, and managing Active Directory was just a cost of doing business. The only way to judge whether it was helpful or not was to guess on the hours saved and the increased security.
The New ROI of Active Directory
The modern IT organization is virtually unrecognizable from what I describe above.
Windows is hardly the dominant platform. In fact, only one of five devices is Windows-based [Forbes]. The data center is effectively at AWS and is most likely Linux-based. Web applications abound and are used in all corners of the organization. There is no on-prem email server – it is either being delivered as a service by G Suite or Office 365. WiFi is the dominant network infrastructure and a domain controller may or may not exist.
Now, let’s calculate the ROI of Active Directory.
The situation now is completely different. Active Directory needs to be supplemented with a variety of solutions including third-party directory extenders to cover macOS and Linux. Web applications require an IDaaS solution. Security requires a multi-factor authentication platform. VPNs need to be built and managed to control access at AWS®. An on-prem RADIUS server helps secure WiFi and a Google Cloud Directory Sync machine is needed to connect to G Suite™.
Then include hosting, backup, security, and monitoring and you now have a sense for the costs of Active Directory.
This is exactly why modern, SaaS platforms such as Directory-as-a-Service® make such sense. By building a cloud hosted directory services that integrates multiple platforms, protocols, providers, and locations, Directory-as-a-Service collapses all of the different solutions that you need into one. It is also delivered as a service, so there are no servers to manage, software to update, and infrastructure tasks such as hosting, backup, security, and monitoring to address.
It turns out to be no comparison when you compare the ROI of Directory-as-a-Service vs. the ROI of Active Directory.
Want a Customized ROI Calculator?
If you would like to learn more about the ROI of Active Directory and how our IDaaS platform compares, ask our team to share our ROI calculator with you. You’ll be able to quickly customize it to your organization and see what the costs are for you with on-prem directory services or a cloud identity provider.