By Greg Keller Posted July 11, 2016
IT organizations are struggling with their identity management strategy. Just look at all the new resources that IT is expected to manage at a modern organization:
- Cloud infrastructure
- SaaS applications
- New device platforms
This is not an exhaustive list, but add increased security challenges and a heap of traditional infrastructure, and it’s no wonder that IT admins are having trouble figuring out the best path for their IAM (Identity and Access Management) platforms.
At the core of this problem is the central directory service, or actually, the lack of a central identity provider.
The Problem with the Conventional Directory
Today’s IT infrastructure is littered with any number of “mini-directories” – user databases that are siloed to a particular application or device. That challenge is being addressed by a new generation of unified cloud directory services called Directory-as-a-Service®.
Over the last decade, the IT environment has grown dramatically more complex.
Prior to the cloud explosion, IT admins would set up Microsoft Active Directory behind the firewall. Just about all of the devices in the organization were Windows-based. They were likely all located on-premises, or they were at the data center, which was usually connected via a VPN to the main headquarters location.
The applications were largely built on top of Windows and the network was all hardwired. Microsoft Exchange was the dominant email provider. AD and the domain controller would create a ‘domain’ to enable users to log in easily to everything they needed to access.
In short, the environment was homogeneous and as a result far more straightforward to address.
What Must be Unified by the Modern Directory?
Organizations such as Apple, AWS, and Google have dramatically changed the game.
Each one of these innovative companies has impacted how organizations operate – and the result is a much more heterogeneous identity management landscape that requires a more versatile directory to effectively manage it.
No longer is Windows the dominant OS. Mac OS X, Linux, iOS, and Android have forever altered the complexion of an IT environment.
Data centers are no longer required – in fact, there’s very little reason to own your own infrastructure. Infrastructure-as-a-Service providers are better at it than most organizations could ever be.
Productivity platforms such as Google Apps and Microsoft Office 365 are shifting the way that an organization’s employees work. They can collaborate better, work remotely, and spend more time on their jobs and less time on their IT infrastructure.
All of these changes have made organizations more nimble, more efficient, and more productive. But there are two sides to every coin – and keeping up with all of the change and the radical decentralization has given IT a bit of an “identity crisis”, if you will.
The Directory is the Core of the Problem – and the Solution
The directory is the foundation of the IAM pyramid. So businesses that build their entire identity strategy around an outmoded directory system are building on a crumbling foundation.
Legacy solutions like Active Directory and OpenLDAP have not been able to keep pace with the shift to the cloud. Try as Microsoft might with Azure Active Directory and acquisitions in the space, the core user directory for an organization is fragmented. There are too many silos where user identities live. That creates extra work and is a massive security risk.
This is why admins have been seeking a way to rein in and centralize all of these identities and resources.
Manage Identities Better with a Unified Cloud Directory
“We must adjust to changing times and still hold to unchanging principles.”
– Jimmy Carter
If you want to manage cloud resources, then you’re going to want a cloud-based directory.
If you want to manage Mac and Linux devices, then you don’t want to go with a Microsoft product.
To truly unify your identities and resources, you need a directory that’s vendor neutral, that works natively with SaaS apps like Google Apps and Microsoft Office 365, and that can communicate in the wide variety of protocols in use in the enterprise today. Of course, you must also hold true to the unchanging principles that underpin user management, especially maintaining the highest security standards.
Modern Identity-as-a-Service providers such as JumpCloud are offering just that. Through a unified cloud directory, IT admins can centralize their user identities while managing and connecting them to the systems, applications, and networks that those users need to access.
JumpCloud’s cloud-based directory platform, called Directory-as-a-Service®, centralizes user management, is a True Single Sign-On™ platform, manages Windows, Mac, and Linux devices, increases security with RADIUS-as-a-Service and 2FA, and connects remote users to whatever they need to access.