By Vince Lujan Posted January 24, 2018
Web based identity management solutions have caught the attention of IT admins all over the world. This is because the ability to manage user identities is critical, but has traditionally been delivered by on-prem identity providers (IdPs) like Microsoft® Active Directory® (AD) or OpenLDAP™. While these solutions have been great for on-prem IT networks and homogeneous system environments, the shift to the cloud has presented new challenges and legacy identity management solutions are no longer the best tools for the job.
For that reason, IT organizations are interested in a next generation web based identity management alternative called JumpCloud Directory-as-a-Service®. This cloud IdP offers a number of advantages for IT organizations, but first, we should discuss why traditional identity management solutions are no longer a viable option.
On-prem Identity Management
The story of modern identity management began with the advent of the Lightweight Directory Access Protocol (LDAP). This innovation was created by Tim Howes, our advisor, and his colleagues at the University of Michigan in 1993. Howes told us in an interview that LDAP was created as a means to secure decentralized IT environments.
What Howes didn’t know was that two fundamental identity management solutions would emerge from LDAP a few years later. The first was OpenLDAP, an open source implementation of the LDAP protocol. The other combined LDAP with the Kerberos protocol to create the most dominant directory service platform to date, otherwise known as Active Directory. Nevertheless, both solutions have served IT admins well for almost two decades and have LDAP to thank for their success.
However, the introduction of web applications and heterogeneous system environments (e.g., Windows, Mac, Linux) in the mid-2000s presented new challenges. AD and OpenLDAP were both designed for on-prem IT networks and homogeneous system environments (primarily Windows®). Web applications lived in the cloud and, for all intents and purposes, macOS and Linux are not Windows. So it is no surprise that AD and OpenLDAP began to struggle as these new resources were introduced. The simple fact is that on-prem IdPs were not designed to support them.
Of course, IT admins know that a wide array of add-on solutions is available for extending on-prem identities to the cloud or to unsupported resources. However, IT admins also know this approach is not sustainable, given that a growing number of add-ons are required as IT networks continue to shift to the cloud and diversify – and there is plenty more where that came from.
IT organizations cannot layer add-on solutions on top of their on-prem identity management solution indefinitely. Add to that the fact that modern IT organizations seek to eliminate on-prem infrastructure altogether, and it becomes clear why admins are interested in a comprehensive web based identity management platform such as JumpCloud Directory-as-a-Service.
Web Based Identity Management with Directory-as-a-Service
JumpCloud Directory-as-a-Service securely manages and connects users to their systems, applications, files, and networks. As the definitive and secure directory for employee access to cloud or on-prem apps via SAML-based SSO, to WiFi via RADIUS, and to network-based file shares and storage, IT admins need no other solution. While we do provide an alternative to Microsoft Active Directory, we can also coexist with it, addressing the use cases AD does not: Mac, Linux and Windows endpoint management, systems management, and native cloud directory services, to name a few. In essence, we are the next generation of directory services.
Beyond identity management, a significant benefit to this approach is a step up in security. With identities that are one-way hashed and salted, control over password complexity, and the ability to add multi-factor authentication, this modern IDaaS platform is delivering outsourced identity management and increased security without the heavy lifting of legacy directory services.
Learn More about Web Based Identity Management
Check out our whiteboard presentation to learn more about cloud IAM protocols and architecture. You can also contact the JumpCloud team, or sign up for a Directory-as-a-Service account to see a web based identity management platform in action. Your first ten users are free forever to help you discover the full functionality of our platform – risk-free.