A user directory is where an organization populates its employees and other users to create and control access to IT resources. It can be very similar to a company directory that keeps data such as phone numbers, locations, job titles, etc. In fact, some organizations use their IT user directories to store this information. This is happening less frequently with modern HR solutions, though.
Understanding What a User Directory Is
To explain what a user directory is, let’s use the metaphor of a simple excel table. The table represents the people in the organization and the resources he or she might need.
Across the top, naming each row, are the various IT resources within an organization. It could be devices, internal applications, web applications, cloud servers, networks, file servers, or any number of other IT items. Down the left hand column would be the individual users. You could then go across each row, which represents a user, and simply check off what access they need.
Much like the chart below:
Ongoing and accurate management of this metaphoric table is crucial to the success of a business. With users coming and going, IT resources being added and deleted, and with daily security threats, a cloud-based directory service is critical to securely managing users and resources. An out-of-date table risks down time for business or too much access to data for certain workers. In practice, the table can require much more complexity than a simple two-dimensional spreadsheet because each cell can contain much more substantial data.
For example, users may have differing levels of access. Therefore, a particular IT resource, say an application, may have admins, read-only users, and read/write users. Further, each cell in the table may contain additional data such as the complexity of the password, whether multi-factor authentication is needed, and how often the passwords need to be rotated. As organizations add more complexity to their business, their “table” increases in size and depth as well.
How Does a User Directory Function?
A real user directory functions in a similar way to the table. It stores employee names, email addresses, and individual credentials inside the identity provider.
There may be certain individuals within the organization that need unrestricted access to all resources. Perhaps this is your executive team and legal team. However, other parts of the organization don’t need access to things like legal documents to do their jobs. The sales team might not need to know about your office lease documents. By NOT providing the sales team members access to your legal applications, you reduce the risk of a problem occurring with that level of authority. However, you still allow your employees to be as effective as possible.
Connect Identities to Devices, Apps & Networks With JumpCloud®
A user directory service connects two different major categories of items — users and IT resources. As an organization grows in complexity, so does the user database. A best-in-class Identity-as-a-Service platform helps to manage this growth, secure connections, and provide visibility to IT admins while eliminating manually management of those IT connections. This is quite a time-saving measure.