An open directory is a modern, cloud-forward directory of identities, devices, resources, connections, and events that is built to centralize management of any resource in your IT environment seamlessly. It is intentionally designed to support the different protocols, operating systems, applications, identity providers, and other foundations of IT management and security, such that an organization can manage their environment no matter what technologies exist.
To understand the importance of, and the need for, an open directory, some context is needed. The modern workplace has evolved substantially from only brick and mortar offices (no remote or gig work), on-premises infrastructure and resources, and homogeneous IT environments solely centered around Windows devices and Microsoft products.
Today, many offices are hybrid, or even fully remote, and employees use a wide variety of resources (cloud-based and on-prem) to get work done. The issue is, organizations struggle to keep track of and justify the costs for all of those disparate tools, and many IT professionals have found that the problem is actually rooted within their traditional directory. This is because traditional directories aren’t able to take the load off of the IT department and the budget sufficiently anymore due to the diversity of technology, devices, and resources found in modern IT environments.
Open Directories vs Traditional Directories
Traditionally, Microsoft Active Directory (AD), an on-prem directory, sat at the center of most organizations’ IT environments. It was built around Microsoft products and was meant to be used solely with Windows devices and other Microsoft resources, which were all dominant and essentially the only IT infrastructure and device options at that point in time. Because of these limitations, AD is not considered to be an open directory, but it’s still widely used and has locked many organizations into a very inflexible system and infrastructure setup.
While this setup does still work for some, for many others, especially cloud-forward, modern organizations, and those that aspire to get there, AD is not a viable solution. This is the case for a handful of reasons. Many organizations make use of non-Windows devices (often Mac and Linux) as well as cloud-based applications and other cloud-forward resources. Plus, many allow hybrid or fully remote work, which means that they need to manage and secure workers all over the world. And, for many, the costs associated with AD and on-prem infrastructure remove it from their consideration set altogether, leaving organizations feeling lost and looking for a better directory solution.
The Need for an Open Directory
The IT resources used in the modern workplace need to connect well with other tools without bias and empower employees to be productive regardless of their location or device choice, while ultimately remaining cost-effective.
The idea of an open directory then sprouted to satisfy these needs. An open directory does not lock organizations into a single provider, platform, location, device-type, or anything else. Instead, it allows organizations to choose their preferred tools and operating systems, and connect them together through a core directory. Rather than having a closed off, on-prem directory sitting at the center of your infrastructure that forces you into a box in terms of what other IT tools and devices you can use, an open directory can sit at the center of your infrastructure on its own or in conjunction with existing directories, depending on your current setup.
The former option allows you to create a modern cloud-based foundation that your IT infrastructure can be built upon. The latter option is more suited for organizations with existing IT infrastructure, including existing directories in AD or Google, for example. With the latter option, adding an open directory into the mix will allow you to choose the source of truth for identities (the existing directory or the new, open directory), and then the identities will flow through the open directory to all other connected resources.
This future-proofs your IT infrastructure and makes it more adaptable, because the open directory will evolve with your other resources, whereas traditional directories will not.
Open Directory Requirements
To truly understand what an open directory is and how it works, let’s go over the main requirements for a directory to be considered ‘open’.
Flexible and Open-Ended
First and foremost, an open directory needs to be extremely flexible and open-ended. Here are some examples of what this means – an open directory needs to support and/or allow the use of:
- A variety of protocols (think LDAP, SAML, OIDC, and more).
- Mixed resource providers (AWS, Google Workspace, Microsoft 365, and more).
- Cross-OS and personal devices (Windows, Mac, Linux, Android, and more).
- Remote/hybrid work.
- All identities, regardless of where they were created or stored.
This list is not exhaustive, but it does include some of the most important aspects of an open directory. An open directory needs to be flexible in every way imaginable, so that it will meet your needs, no matter how or where your organization works or what resources and devices you choose to use now or in the future.
Past that, an open directory also needs to be able to secure the identities, access, and devices managed within it, while centralizing and simplifying the IT department’s day-to-day activities. Security and the user experience can’t be sacrificed in the name of flexibility; rather, they should both be enhanced with the use of a modern, open directory.
Vast, Built-In Capabilities
Another requirement for an open directory is a wide array of native capabilities that go beyond basic identity, access, and device management. These capabilities should provide advanced identity lifecycle management and automation features as well as touch on areas such as security, reporting, compliance, and more.
This reduces the number of disparate tools your organization needs to use, which lowers your total cost of ownership (TCO), unifies IT management (making IT admins’ lives easier), and ensures that your organization remains secure and compliant no matter how your infrastructure is set up. This is an important aspect of an open directory, because although an open directory can integrate with all of your resources, its built-in capabilities help you avoid IT sprawl, which can become a big security issue and time-sink for IT over time.
Lastly, the third requirement for an open directory is that it’s cloud-forward; 60% of the world’s corporate data is stored in the cloud. The cloud isn’t going away, and an open directory needs to embrace and support both cloud and on-prem resources in order to work effectively, without requiring any on-prem infrastructure to work properly. A directory cannot be considered ‘open’ if it isn’t cloud-forward, because there are many cloud-based resources that will need to connect to your directory to enable comprehensive IT control.
The Benefits of an Open Directory
An open directory comes with a significant number of benefits, including ones we’ve discussed already. These include the flexibility to connect to any technology and work with any device, vast built-in capabilities that reduce the need for numerous, disjointed point solutions, and a cloud-forward design that immediately modernizes your IT infrastructure.
These are all incredibly important, but there are far more benefits of an open directory that are less apparent. An open directory creates a future-proofed IT foundation, is more cost-effective than a traditional directory, simplifies IT management, and unifies security and compliance under one pane of glass. Let’s dive into each of these to learn more.
An open directory is as future-proof as it gets. If the directory that sits at the center of your IT ecosystem is built to connect to and work with any other resource, device, or network of your choice, you’re set up for success no matter what tools or operating systems you choose to add to your organization in the future.
Rather than getting locked in to the on-prem Microsoft ecosystem with AD, an open directory empowers organizations to use the tools that are right for them, without fear of creating a messy IT environment with tools that don’t work well together or connect. It’s important to make sure this is not a worry your IT team has to deal with, as each new wave of technology hits the market going forward.
Another benefit of an open directory is that it’s far more cost-effective than a traditional directory like AD. This is true for a few reasons – the need for on-prem infrastructure and numerous point solutions is eliminated with a cloud-forward open directory solution that includes a variety of native identity, access, and device management capabilities.
So, with a modern directory solution, you eliminate the cost of purchasing and maintaining the hardware needed for an on-prem directory service, as well as the costs associated with maintenance, energy, redundancy, resiliency, and upgrades, which add up quickly.
On top of all of this, the add-ons that are needed on top of Active Directory to create a more complete IT management solution, such as identity bridges, web app single sign-on (SSO) providers, and more, aren’t needed with the implementation of an open directory – they’re built-in.
Simplified IT Management
Another key benefit to the open directory model is that it allows you to keep your IT department lean, because managing your IT environment within a single pane of glass that has comprehensive identity and access management (IAM) capabilities means there’s less manual work on IT’s plate. Not only does this lower costs associated with hiring and training more staff, but it makes your existing IT admins’ day-to-day lives easier and more productive.
For example, rather than IT and HR having to go back and forth when a new employee is hired, with an open directory that’s easily connected to HR’s preferred HRIS, onboarding is simplified and more secure for all parties involved. This remains true as employees change roles or leave the organization – with well-integrated tools, identity and access changes made in one platform will be reflected across the open directory, as well as all other connected resources, ensuring all users have the right access, all the time.
With an open directory, IT can monitor, manage, and control virtually everything from a single tool, greatly simplifying their day-to-day activities compared to using a traditional closed-off directory with many disjointed tools layered on top.
Unified Security and Compliance
The last benefit of an open directory we want to highlight is how it unifies security and compliance. This is because of the vast capabilities that are native to the directory itself, such as multi-factor authentication (MFA), SSO, reports, and more, along with centralized and complete control over all identities, access, and devices across your organization.
With an open directory, IT can focus on a single pane of glass where they can view and manage everything they need to keep the organization’s resources and the IT environment safe. The granular control associated with an open directory greatly simplifies compliance monitoring as well, because IT can find and save virtually all of the information they need to achieve, prove, and maintain compliance across a variety of standards.
JumpCloud’s Open Directory
Leading the open directory charge is the JumpCloud Directory Platform. JumpCloud’s open directory platform makes it possible to unify your technology stack across identity, access, and device management in a cost-effective manner that doesn’t sacrifice security or functionality.