Identity and access management (IAM) is a cornerstone of IT as a whole. For many organizations, IAM is accomplished through directory services, most often the legacy on-prem solution, Microsoft® Active Directory® (MAD or AD). As more and more parts of IT move to the cloud, however, AD is struggling to keep up. To match the pace of the industry, AD requires the assistance of single sign-on (SSO) software to bridge the gap between the on-prem directory and web applications in the cloud. But, why not eliminate this need altogether with a cloud directory service? With this question in mind, many analysts are pondering: why choose cloud directory services over SSO?
A Deep Dive
One such analyst is the firm, Stack Analysis. In their white paper, Stack Analysis dives directly into the question of why choose cloud directory services over SSO. A main portion of their analysis breaks down the gulf between the two solutions, and how they affect modern IT organizations.
According to Stack Analysis, a driving factor in the decision is one of efficiency and control. Regarding efficiency, having multiple solutions that are doing the same job that one can do seems pretty inefficient. By leveraging AD with an SSO, an IT organization can connect their end users to the web-application resources they need, but it comes at a cost. To do so, IT admins need both an AD license for their entire organization, but also a per user priced SSO solution. On top of that, the leg work required to institute an SSO solution and integrate it with Active Directory in an organization is extensive. With a cloud directory service, both the functionality of AD and the SSO are combined in one solution, meaning only one solution to pay for. Also, a cloud-based directory service can be leveraged via a web browser console with no on-prem hardware or software to install, manage, and maintain.
A Matter of Control
Stack Analysis also addressed both solutions’ ability to control an IT network. AD is designed to primarily manage Windows-based environments. In order to manage other platforms, like Mac® and Linux®, additional SSO bridging solutions are required. An ideal cloud directory service is platform-agnostic, and controls systems regardless of their operating system. Control is also measured by the ability to authorize user access to web applications and the rest of the Internet via WiFi. While SSO solutions are optimized for connecting users to their web apps, they aren’t focused on connecting to on-prem systems and infrastructure as well as cloud servers, among other IT resources. Cloud directory services can do both with relative ease.
Thanks to Stack Analysis research, it is easy to see why you should choose cloud directory services over SSO. A cloud directory service that Stack Analysis points to as being a great potential option is JumpCloud® Directory-as-a-Service®.
A Cloud Directory Service for the Future
JumpCloud Directory-as-a-Service is a completely cloud-based directory, and provides control over identities, regardless of platform, protocol, or location. A key differentiator for a cloud directory service is the ability to manage users and systems (think cross-platform GPOs) via a lightweight Agent. With one cloud identity from JumpCloud, admins can federate access to all of a user’s IT resources with one identity via a variety of protocols including LDAP, SAML, RADIUS, REST, SSH, TOTP, and more including native APIs for Windows, macOS®, and Linux. This concept of One Identity to Rule Them All® is called True Single Sign-on™.
To see a cloud directory system with True SSO in action, try JumpCloud today. Signing up is free, doesn’t require a credit card, and includes a complimentary ten users forever. You can also schedule a demo to see if JumpCloud is the right solution for your organization. Questions? Contact our support team for more information, or check out our Knowledge Base or Youtube channel.