By Kayla Coco-Stotts Posted October 19, 2019
As the rise of cloud directory services have aided IT admins in a multitude of ways, there begs the question: what is the top cloud directory service? Here we’ll dive into key requirements for the top cloud directory services to aid you in finding the best IdP (identity provider) to fit your IT infrastructure.
What is a Directory Service?
Before we anoint the top cloud directory service, let’s dive into understanding what role this important component plays within your IT infrastructure.
At its most basic, directory services, also often referred to as identity providers, connect users to important IT resources (like files, servers, networks, and applications) that they need to access. Directory services also store information about users, groups, systems, networks, applications, etc. (often called “attributes”), so that admins can more holistically control and manage users, key information about those users, and their access to an organization’s infrastructure.
The Cloud-based Directory Service
For years, Microsoft® Active Directory® (AD) was the dominant directory service used throughout the IT landscape. However, more recently IT admins have begun to shift away from typical, on-prem directory services that could not cater to the growing need for a unified, yet heterogeneous, computing environment. With the adoption of the cloud in the IT scene, vendors began to introduce cloud directory services, bringing forth the ability to manage disparate identities from one centralized location. But what qualifies a cloud directory service to be better than all the rest?
Connect to a Wide Range of IT Resources
The top cloud directory service should be able to connect a user to a variety of IT resources, both on-prem and in the cloud. The center of a cloud-based directory service should be the user’s identity, and that directory should be able to connect that user to all systems (like macOS® and Linux®), web and on-prem applications, physical and virtual file servers, on-prem and cloud infrastructure, and VPN and WiFi networks among other IT resources.
A cloud-based directory needs to be flexible in its approach, allowing for effectively True Single Sign-On – one secure identity to access just about everything a user may need. This broad connection between user and IT resources must be easy to configure for IT admins, allowing users to navigate their resources with ease and security and for admins to manage users efficiently.
Easy to Migrate From On-Prem
Moving away from legacy directory solutions like Active Directory is no easy feat. When transitioning to a cloud-based directory service, it is important that this directory works as the core of your network, allowing for user accounts to be imported through an easy to use, straightforward process.
Does an organization also leverage G Suite™ or Microsoft Office 365? The top cloud-based directory service should manage all of these disparate identities under one core user management platform, making the transition from legacy, on-prem solutions smoother.
Automation Techniques for Scalability
The best cloud-based directory service should leverage a wide range of authentication protocols and APIs for automating the management of user access in a growing organization. This directory service should be able to manage systems, users, and networks across multiple locations without additional equipment/setup, meaning that it is scalable and user-friendly.
A directory service that is scalable can remotely manages users through REST APIs, command line interfaces such as PowerShell, and other programmatic means. This cloud-based directory should also cover a variety of critical areas including managing systems which are the conduit to accessing critical IT resources.
A 2019 Google Security Blog reported that device-based MFA can effectively block 100% of automated bot attacks, as well as 99% of bulk phishing attacks and 66% of targeted attacks.
Compromised credentials are the #1 attack vendor for an organization, and with only 45% of businesses implementing multi-factor authentication (MFA) by 2018, it becomes a question of when, not if, an organization may be hacked.
The top cloud-based directory service should be the greatest defense against hackers. It should provide IT admins with a user-friendly interface that implements built-in MFA across users, servers, and networks so that users can initiate MFA in a way that doesn’t disrupt workflow.
Viable cost model
The top cloud identity and access management (IAM) protocol should leverage a cost-effective pricing model enabling IT organizations to pay for what they want to use while also enabling a bundled price for those that want to maximize their use of the cloud directory service. Further, with a pay as you go SaaS model, the best cloud directory service will be highly efficient with an organization’s dollars.
So What is the Top Cloud-Based Directory?
Well, that’s actually a tough one to answer, as no two IT environments are the same. The best one for you may be different than for somebody else. The key is to deeply understand your requirements and environment to see what fits best in your organization. The issues above are a start, but you may have other requirements as well – list all of them and really understand why those are important to you and then talk with the vendors you are considering.
If your current needs aren’t being met, or you’d like to save money by ditching on-prem hardware and/or third-party applications, our Directory-as-a-Service (DaaS) platform can serve as a one-stop shop for an IT admin’s cloud-based needs. DaaS keeps things simple, scalable, and secure for both users and IT professionals. You can try our cloud directory service for free with 10 users being free forever.