By Rajat Bhargava Posted April 29, 2016
Many different technologies have made the leap to being delivered ‘as-a-Service’. While numerous pundits point to Salesforce as the start of the SaaS revolution, an equal number have forgotten about the application service provider revolution of the late 1990s. Of course, those times were primitive relative to the advancements over the last fifteen years. One category has been conspicuously missing from making the leap to Software-as-a-Service: the core directory service. For a variety of factors, a SaaS identity provider didn’t exist. With the advent of Directory-as-a-Service®, however, the SaaS revolution in the identity management space has begun.
Defending User Identities
IT admins have been protective of their user identities, and understandably so, since placing them in the cloud has long been viewed as a security risk. Modern cloud directory services platforms take extensive precautions with user identities in the cloud, including one-way salting and hashing of user credentials. Another challenge IT organizations faced was that their existing directory service was often Microsoft Active Directory which lived on-premises. Why was it on-prem? The reason was simple: because the users and IT resources were there. Of course, with the growth of cloud computing, the challenge has shifted because resources and users are now all over the globe.
SaaS Identity Provider Grants Hard-Hitting Security
A modern SaaS identity provider needs to securely connect users to IT resources regardless of location, platform, or protocol. This is a tall order and a major change from existing on-prem directory services such as Active Directory, Apple Open Directory, and OpenLDAP. A Directory-as-a-Service platform needs to treat all system types – Windows, Mac, and Linux – as first-class citizens. Users are now able to connect to on-prem applications as well as web-based ones. Users are demanding a True Single Sign-On™ platform that not only reaches beyond web applications but also includes their on-prem ones. Additionally, IT admins are integrating their WiFi networks with their directory service to increase security. To that end, modern SaaS-based identity providers are delivering RADIUS-as-a-Service functionality. The collective benefit of this platform is to shift the work of a directory service to a third-party provider while providing users with easier access to their IT resources. As an added bonus, IT admins also get increased security.
Safeguard Identities with Jumpcloud’s Directory-as-a-Service
If you would like to learn more about how JumpCloud’s Directory-as-a-Service platform can support your organization as its SaaS identity provider, drop us a note. We’d be happy to discuss the pros and cons of moving to the cloud as well as the key security considerations. Or, if you would like to try DaaS for yourself, please sign-up for a free account. Your first 10 users are free forever.