User management describes the ability for administrators to manage user access to various IT resources like systems, devices, applications, storage systems, networks, SaaS services, and more. User management is a core part to any identity and access management (IAM) solution, in particular directory services tools. Controlling and managing user access to IT resources is a fundamental security essential for any organization. User management enables admins to control user access and on-board and off-board users to and from IT resources. Subsequently a directory service will then authenticate, authorize, and audit user access to IT resources based on what the IT admin had dictated.
Traditionally, user management and authentication services have been grounded with Windows-based on-prem servers, databases, and closed virtual private networks (VPN) through an on-prem identity provider (IdP) such as Microsoft Active Directory. However, recent trends are seeing a shift towards cloud-based identity and access management (IAM), granting administrators even greater control over digital assets. These solutions enable user management over web applications, cloud infrastructure, non-Windows devices, and more leveraging modern protocols such as SAML JIT and SCIM (among others).
User Management and the Internet Have Coexisted From The Beginning
Developers have always recognized the need for user access management since the initial development of digital networks. Prior to the public internet, networks of computers were connected solely on a proprietary basis and largely between universities. As you may imagine, IT admins and developers did not want unauthorized parties to have access to proprietary digital assets. Rather, they wanted to limit access to only those approved for use. Thus, user management was born.
As the TCP/IP networks and subsequently the internet began to mature, this notion of limiting access persisted and was the primary driving force behind various authentication protocols like LDAP and RADIUS. Microsoft took it a step further when they created Active Directory (AD), a product designed to compile user data and provision access to various Windows-based IT resources based on need. In a Windows dominated ecosystem, AD remained the primary user management, authentication, and authorization platform for decades.
A Necessary Shift In Managing Users Due to the Cloud
Currently, a new wave of cloud innovation has again changed the game in user management. JumpCloud Directory Platform, the first cloud directory platform, is a great example of a modern take on user management for the cloud era. As a user management platform, the cloud directory can provision and deprovision access to virtually all IT resources including Mac, Windows, and Linux systems, web and on-prem applications via LDAM, SCIM, and SAML JIT, WiFi and VPN networks through RADIUS, physical file servers with Samba, and more. Further, JumpCloud’s directory-as-a-service goes beyond just user management by authenticating and authorizing access through a variety of techniques, including multi-factor authentication, for increased security.
Why Do We Need User Management?
Simply put, user management solves the problem of managing user access to various resources. For example, the marketing team generally requires access to different resources than the accounting team. Further, an employee on the marketing team likely doesn’t need access to internal financial systems and vice versa, a finance employee isn’t requiring access to Salesforce or Marketo. User management enables IT administrators to manage resources and provision users based on need and role while keeping their digital assets secure. For end users, the tasks of user management are often invisible to them, but the results are not. End users want secure, frictionless access to their IT resources so that they can get their jobs done.
Active Directory made this straightforward and simple for an on-prem Windows network. But, recent innovations in cloud technology have sparked a revolution in cloud Infrastructure-as-a-Service (IaaS) such as AWS, Azure, and Google Cloud Platform among others. Coupled with web applications, users have more IT resources available at their fingertips than ever before, which is why user management has never been more essential – and complicated.
While there are various approaches to user management, one thing is certain – managing user identities is the foundation of identity access management. And, with identities being the number one path to a security breach, IT admins are more invested than ever in making sure that only the right people utilize their IT resources.
Directory Services for Everyone
At the most basic level, JumpCloud was created for just this purpose — to manage user identities and to form secure relationships with the IT resources end users need in order to get their jobs done. User identities are the seed from which roots grow deep to reach IT resources critical for an employee to grow and flourish, and fed by information like rain from the cloud. With JumpCloud, users can leverage the core directory services platform as the authoritative source of truth for their digital identities. One Identity to Rule Them All, always on and ready, delivered securely from the cloud.
Automated User Account Management Challenges
The resources of yesterday are not as widely used today, though. Now, IT environments are mixed platform environments comprised of Mac® and Linux® systems in addition to the Windows machines that have been in most organizations for so long. Infrastructure has moved off site with AWS® cloud servers and Google Compute Engine™ remote servers.
Even productivity platforms have moved to the cloud with G Suite™ and Office 365™ shifting to the web browser. Web applications such as Slack, Salesforce®, and GitHub exemplify tools many organizations cannot work without and need to authenticate into every day.
With each new addition, IT organizations had to effectively manage a number of mini-directories. And users had to remember a multitude of usernames and passwords. Of course, a manual approach such as this was time consuming and represented a security risk.
That’s because users tend to experience password fatigue from identity sprawl which forces them to resort to recycling passwords, utilizing weak passwords, or writing passwords down on sticky notes and hiding them underneath their monitors. It is no surprise that 76% of employees report challenges relating to their password management.
Thankfully, a solution has emerged that can centralize identities and securely connect users to their IT resources. It’s called JumpCloud® Directory-as-a-Service®, and it can help you get a hold of your identity sprawl challenges and automate your user management. With True Single Sign-On, users get one identity to access virtually all of their resources.
So, with one set of credentials users can access their system (Mac, Linux, Windows), cloud infrastructure via SSH keys (AWS, GCE), productivity platforms (G Suite™ and Office 365™), file servers (Box™, DropBox, NAS/Samba devices) on-prem applications (Jira®, OpenVPN™), and much more. Further, JumpCloud users can reset their own passwords via the user console, or if they’re on a Mac system, via the System App that’s built directly into the menu bar. It is another way JumpCloud takes some of the burden of user management off IT admins and can help you increase productivity.
Learn more about JumpCloud’s User Management
Sign up for a JumpCloud Free account to start growing your directory today. Your first ten users and ten devices are free! If you have any questions, leverage our 24×7 Premium in-app chat for the first 10 days to get you started. You can also check out our blog, knowledge base, or JumpCloud University for more information on user management and other cloud identity management topics or contact a member of our team for any product inquiries.