By Rajat Bhargava Posted December 16, 2015
A core part of what IT organizations do is connect users to the IT resources that they need. Resources can include systems, applications, or networks. The systems could be comprised of a variety of different platforms, including Windows, Mac, or Linux, and they may be located on-premises, remote, or in the cloud. While applications are on-premises and in the cloud, networks can be local WiFi or wired. Given that all of the various IT systems require secure logins from users, IT organizations are striving to build secure single sign-on approaches.
The Demands of a Rapidly Changing Landscape
There’s now a way around it: IT infrastructure has changed. No longer is the network just Microsoft Windows based and hosted locally. Today’s modern IT network is much more complex. Cloud infrastructure is hosted at AWS, Azure, or Google Compute Engine among many others. Applications are scattered internally and in the cloud. Key applications, such as Jira or Git, are hosted internally, while cloud applications, such as Salesforce and Slack, are based in the cloud. Nowadays, Mac and Linux devices are almost as prevalent as Windows machines. Networks have converted and are now WiFibased which not only increases flexibility and agility, but also dramatically changes the security environment. This poses quite a challenge for IT organizations. How can they stitch together various IT resources into one set of secure credentials that can be used by their employees and contractors?
Historically, solutions have largely focused on two different areas. One is the core directory services. Organizations have used the legacy applications Microsoft Active Directory and OpenLDAP as their core user store. The other key solution has been single sign-on but largely only for web applications, since SSO providers have not generally focused on local applications, devices, or networks. This creates some challenges for IT admins because it increases the number of moving parts, creates on-premises equipment when moving to the cloud, and decreases security.
Directory-as-a-Service Rises to the Challenge
Recently, a new category of Identity-as-a-Service platforms called Directory-as-a-Service has emerged to provide secure True Single Sign-On™. DaaS integrates all of the different IT resources, such as systems, applications, and networks, and provides a secure single sign-on experience. The beauty of this approach is that it spans different platforms, locations, and protocols. The challenges faced by IT admins have been fulfilled through DaaS. IT admins can now deliver a secure single sign-on experience for their users. They can also provision and deprovision access centrally which increases security. And, end users can leverage one set of credentials to login to all the resources they need.