TCO of Identity and Access Management (IAM)

Written by Ryan Squires on December 18, 2018

Share This Article

As IT organizations continue to come under scrutiny for spending, it is always good to quantify the total cost of ownership (TCO) of particular programs and solutions. For IT organizations, it is important to assess the costs associated with the foundational aspects of your IT environment. For example, the TCO of your identity and access management can be calculated through the costs to run the IAM infrastructure against the tangible and intangible value it provides.

The TCO of IAM (Unfortunately) Starts with Active Directory®

For most organizations, the (TCO) calculation for identity management has long worked against organizations; i.e. the costs of running an identity and access management program can get quite expensive. What this generally boils down to is the fact that most organizations have historically been tied to Microsoft® Active Directory® (MAD or AD). AD is an expensive product to implement. Costs associated with it stem from the need for on-prem hardware, CALs, configuration and maintenance overhead, data centerspace, and more.  

identity management done for less money

Another problem that IT organizations are running into stems from the fact IT organizations are not homogeneous computing environments; not every resource is Windows®-based. So, in order to accommodate non-Windows resources, IT admins have to employ identity bridges, web application single sign-on (SSO), multi-factor authentication (MFA), and more. These add-on tools are necessary because shifts in the IT environment necessitate stacking solutions onto AD, because AD is a tool primarily created to manage Windows systems and users.

In essence, the cost side of the equation continues to increase while the value side dwindles. Each individual solution tacked on to AD comes with increased management requirements, integration needs, and friction for end users. These increasing needs and requirements each make sense when you consider that the overall approach to solving IAM requirements has continuously morphed and changed to adapt to rapidly evolving IT environments. With new IT additions like Mac® and Linux® systems, web applications like Slack, and Salesforce®, and cloud infrastructure from AWS® and Digital Ocean, AD struggles because these tools are not Windows-based. So, IT admins have to create workarounds and add-ons.

Identity and Access Management From A Distance

Sometimes, when thinking about the most efficient and effective way to solve a problem, it is good to step back and rethink the problem completely. Erase preconceptions and reevaluate what you may have considered to be bedrock aspects of your IT environment. Instead of taking an on-prem Active Directory-centric approach to identity management, many IT organizations are starting with a cloud identity provider that is platform neutral, multi-protocol, mixed provider, and location agnostic. An innovative approach such as this centralizes identity management from the cloud for the cloud, on-prem, and remote resources without worrying about add-ons, platform limitations, and more.

IAM from a distance

By utilizing a modern approach to cloud IAM, the TCO equation can shift back and rebalance. A cloud directory service combines centralized users management capabilities such as cloud LDAP, hosted RADIUS, multi-factor authentication, True Single Sign-On™, and more all for one monthly fee. IT organizations don’t need to manage infrastructure, purchase hardware, and hire specialized IT/security experts. Along with these improvements, this new approach to identity management boosts intangible benefits as well. These benefits include: increased productivity, freedom of choice, enhanced security, remote management, and more.

Try JumpCloud® Today

Directory-as-a-Service cloud solution

If you want to flip the TCO for identity and access management equation for your environment dramatically in your favor, take a look at moving to a cloud directory service. Sign up today for a free JumpCloud® Directory-as-a-Service® account and evaluate the platform for yourself. Our free account is full-featured and enables you to manage up to 10 users for free, forever. No credit card required. We have a bunch of helpful resources to help you regain control of your TCO equation like our blog, Knowledge Base, and YouTube channel.

Ryan Squires

Ryan Squires is a content writer at JumpCloud, a company dedicated to connecting users to the IT resources they need securely and efficiently. He has a degree in Journalism and Media Communication from Colorado State University.

Continue Learning with our Newsletter