By Ryan Squires Posted March 1, 2019
It isn’t a slam dunk for modern IT environments to continue using the leading legacy software solutions. This is particularly true when it comes to identity and access management, where major changes in the IT infrastructure are having significant downstream consequences. That’s why IT organizations worldwide are all asking the same question, “Why use Active Directory®?”
Active Directory Ruled the Past
Historically, the concept of using Active Directory (AD) made a great deal of sense for the majority of IT organizations. In fact, it was often the default choice for on-prem Windows® networks, which virtually all networks were. AD and the concept of the domain controller would create an on-prem domain where end users could simply log in to their Windows laptop or desktop and instantly have access to virtually everything that they needed to complete their work. Behind the scenes this was done via the magic of Kerberos and the domain controller itself, and the result for end users was a relatively painless experience. For IT admins, AD and the domain controller provided deep control over the network. But the state of affairs in IT rarely stays static.
AD Struggled When Non-Windows Tools Emerged
The IT networks of old started to change quite rapidly when web applications like Salesforce® and Google Apps™ (now called G Suite™) were introduced. IT environments generally populated by Windows systems were now being filled by Mac® and Linux® machines. Cloud infrastructure from Amazon Web Services® (AWS®) moved colocation and data centers off-prem. These changes, and many more, signaled the shift from a Microsoft-dominated IT infrastructure to one where there were many players and no unifying directory. No longer were users able to log in to their machine and instantly be granted access to all their IT resources, so friction ensued.
For IT admins, the overhead of managing the variety of different types of IT resources began to take its toll. As a result, IT admins started to acquire additional solutions to bolt on to Active Directory in order to accommodate all of these new resources. They bolted web application single sign-on (SSO) solutions, identity bridges, multi-factor authentication (MFA) solutions, and much more on to AD. The result was increased cost and substantial management overhead required to integrate all of these solutions into Active Directory.
AD Plus Add-Ons Works for Some, but Not Most
For some, this approach of adding on solutions to Active Directory made sense. That’s because some organizations have a requirement to control their identity management infrastructure on-prem and by themselves. Other organizations didn’t experience many pain points because they were Windows-based and hadn’t made the shift to the cloud. For them, too, the AD and on-prem domain approach made sense.
For the vast majority of organizations, however, that approach did not make much sense. For example, those that had adopted Linux and macOS devices and any number of cloud innovations experienced more than a few pain points. To help alleviate those pains, there is a next-generation approach to identity and access management that helps organizations in two ways. First, end users can finally get back to the days of a frictionless authentication and authorization process. They no longer need to remember upwards of 191 passwords, and they can simply log in and get to work. Second, IT admins benefit from leveling up their security using a Zero Trust Security model. Called Directory-as-a-Service®, this reimagination of Active Directory securely manages and connects users to the IT resources they need, including systems, files, and networks, regardless of platform, protocol, provider, or location.
Learn More About Directory-as-a-Service
If you’re one of the countless organizations existing in a heterogeneous IT environment, the question may be more “Why not use Directory-as-a-Service?” and less “Why use Active Directory?” If that’s how you’re approaching it, sign up for a free JumpCloud account today. JumpCloud enables you to manage up to 10 users free forever with the full-featured version of the product when you sign up. You can also schedule a demo to see how Directory-as-a-Service may work for you. If you need some technical information to assist your evaluation, feel free to consult our Knowledge Base or drop a line to one of our product experts.