By Jon Griffin Posted March 20, 2018
The identity management space is filled with different terms and acronyms. A new one that is emerging is unified access management. It’s a term that is being driven by vendors and adopted by analysts, so it’s important for IT organizations to understand what it means. Once understood, it becomes much easier for admins to evaluate solutions that fit under this umbrella category of unified access management and determine which solution fits their needs best. To help with that understanding, this post will examine what unified access management really is.
Why New IAM Terms Keep Appearing
Before we dive into what this new identity and access management term means, we should examine why these new terms or categories are even necessary. The simple answer is that the IT landscape is changing and evolving. New solutions are being introduced at a rapid pace, and in order to keep everything working together, new identity management solutions are appearing as well. Where did all of it begin?
The modern era of IAM kicked off over twenty-five years ago with the advent of the LDAP protocol. Created by our advisor Tim Howes and his colleagues at the University of Michigan, the LDAP authentication protocol enabled two major solutions: OpenLDAP™ and Microsoft® Active Directory®. These two solutions became known as directory services, or identity providers, and they were two of the most critical solutions for the modern era of identity management. Microsoft AD went on to become the market leader in the commercial market, and OpenLDAP soon became the most popular open-source alternative.
With these tools, IT organizations were able to centrally control access to systems, applications, and, in the case of Microsoft AD and the domain controller, the network as well. Companies choosing between the two directories took a rather common route. If your organization was driven by Microsoft solutions, you’d opt for Active Directory. If you were based on Unix/Linux solutions, you might leverage OpenLDAP. Some IT organizations would even leverage both, where one would work with end users and the other would work with the data center. The downside to this approach, however, was that it either created massive complications with the integration between AD and OpenLDAP, or it presented two siloed directories that needed to be maintained. Neither was ideal, but they were the options available. Whether Active Directory or OpenLDAP was chosen, IT organizations proceeded to center their approach to access management around the identity management platform. And for a while, everything in the IT space made sense.
Significant Changes in Access Management
Fast forward to modern times, and the IT landscape is vastly different. Some major changes have occurred, and they are driving the IT world to a more heterogeneous and cloud-forward setup. For example, Windows® systems are no longer as dominant as they once were. The rise of Mac® and Linux® machines has caused Microsoft’s ownership of the device market to drop from 97% all the way down to just 20%. This is a major adjustment for admins to deal with. In addition, applications are no longer hosted on-prem or in the data center nearly as much as they used to be. Today, approximately 71% of services in the average enterprise are cloud-based services, and these applications are accessible from anywhere. Another area of change is the data center. The data center is being shifted to cloud infrastructure providers such as AWS, Google Cloud Platform, and Azure, among many others. This is drastically reducing the on-prem weight of servers. If all of that wasn’t enough, the wired network is utilized much less as well. WiFi networks have taken over, and with internet access being available from virtually everywhere, admins need to be prepared for wireless networks in their environment. And that’s just to name a few of the changes.
All of these fundamental changes in the IT environment are putting tremendous pressure on the directory services standard of yesterday. Active Directory and OpenLDAP just weren’t built for these modern environments, and it is causing them to need a lot of help to stay functional. As a result, a next generation identity and access management platform is emerging. This new solution is driven from the cloud, but can service users located virtually anywhere in the world or on any network. Further, the IT resources that these mobile users are leveraging can be located anywhere – on-prem, in the cloud, remote, or in their hands. The legacy identity management solutions like AD and OpenLDAP weren’t envisioned for this modern era of cloud computing. But, the innovative cloud identity management solution, JumpCloud® Directory-as-a-Service®, is.
Unified Access Management Provider
This new approach to unified access management is securely managing and connecting users to IT resources such as systems, applications, files, and networks, regardless of the platform, protocol, provider, or location. Essentially, unified access management is what we often call a True Single Sign-On™ solution where an end user can leverage One Identity to Rule Them All®. It’s truly the cloud directory built for the modern IT environment.
If you would like to learn more about unified access management, drop us a note. Or, feel free to try out our Directory-as-a-Service platform to see if it can unify access for you across your user base and IT resources. Then, you can see what a complete solution with unified access management actually looks like. Sign up today!