By Rajat Bhargava Posted April 1, 2016
True Single Sign-On™ is the holy grail in identity management. For employees, having one set of credentials that can be used to login to whatever IT resources they need is a huge ease-of-use enhancement. On the IT admin side, having central control over user access for all of the organization’s IT resources is a major step-up. Not only does it save time, but it also increases security. So, what’s the biggest challenge here? SSO access governance solutions have primarily focused on web applications instead of the whole IT environment. Modern Identity-as-a-Service solutions, such as Directory-as-a-Service®, are changing this model by building complete identity and access management platforms.
When Networks Are Off Key
IT networks were once relatively simple. A couple of decades ago, the environments were largely Microsoft Windows based and behind the firewall. Microsoft specifically created their directory service solution called Active Directory to fit within this construct. As web applications began to appear, a new set of web application SSO solutions materialized on the market, and they were all built on top of AD. Additionally, when Mac and Linux machines started to penetrate the corporate network, directory extension technology was built leveraging the core credentials from Active Directory. Cloud servers continued to complicate the picture and were largely managed separately from the core directory service. The identity management infrastructure was now a collection of solutions tied together rather than one solution that was capable of managing everything.
Keeping Rhythm with SSO Access Governance
The cloud era definitely changed a great deal of the IT environment. Unfortunately, the identity management platforms born ten to twenty years ago struggled to keep pace. Like many things in technology, change was inevitable. A new generation of cloud-based Identity-as-a-Service platforms emerged to solve the problem of providing True SSO access and governance. These cloud directory services are broader than the traditional notion of directory.
Directory-as-a-Service integrates the centralized user management system with web and on-prem application SSO, device management, WiFi authentication, and multi-factor authentication, among other capabilities. The goal is to provide a single sign-on experience for the end user to their devices, applications, and WiFi networks.
For IT, the benefits of this approach are significant. Their ability to control access to a wide variety of resources increases. Further, the ability to log data and understand patterns of usage are critical. Overall, having identity governance in the compliance era is critical to smoothly sailing through major audits. Cloud identity management platforms are the next generation of controlling user access.
Sing a New Tune with Directory-as-a-Service
If you would like to learn more about how SSO access governance can support your identity management goals, drop us a note. We’d be happy to talk you to you about the market landscape and what might work for your organization. Or, you should feel free to sign-up for a free JumpCloud Directory-as-a-Service account to check it out for yourself.