As organizations think about the IT infrastructure solutions they need, some have come to wonder, “Why use directory services?” Directory services have been a core part of IT networks for a few decades now, but (until recently) they haven’t adapted to the cloud-forward, heterogeneous IT landscape most IT organizations are equipped with. So, it makes sense to question whether or not they should still be used. To provide a complete answer, it’s important that we take a step back and understand what is a directory service, and the history behind this core IT management tool.
What is a Directory Service?
A directory service is a piece of technology used to store information about employees like usernames, passwords, contact information, and a lot more. Not only does a directory service store this user information, but it also maps out the relationship users have with the digital assets used in the company. For instance, a directory service will map that employees in the finance department have access to accounting applications, but they don’t have access to code repositories. So if an employee from the finance department tried to gain access to a code repository, they wouldn’t be able to because they don’t have the right to access that resource. Having these kinds of access controls in place helps maintain a strong security foundation.
Ideally, a directory service is able to integrate with all of the IT resources used in an organization, so that IT admins can centrally manage what users have access to and what they don’t need access to. This setup is preferred because IT admins gain more control, security, and efficiency in managing their environment while employees benefit from having an easier time accessing everything they need to get their work done. In the past, a centralized environment was easily attainable thanks to the IT landscape at the time (mainly Windows-based) and the long-time leading on-prem identity provider—Microsoft® Active Directory® (MAD).
Microsoft Active Directory was released in 1999 to solve the user and system management needs of the 1990’s and early 2000’s. You see, most workplaces were already filled to the brim with other Microsoft products. Microsoft didn’t expect for this to change, so MAD was built with the purpose to solely manage users and systems in an on-prem, Windows®-centric IT ecosystem. Microsoft also decided to bundle Active Directory with the purchase of Windows Server licenses (called CALs), so organizations felt like they were getting it for free. Plus, not only was it “free” but it worked really well. Organizations were able to provision and control user access to all of their Windows-based IT resources such as the network, servers, applications, and, of course, a user’s laptop or desktop computer. With this one central location for all IT resources, an organization could enroll users for access and disable them across the entire network with ease and efficiency.
Then It Slowly Turned into MAD(ness)
Microsoft’s directory service worked well until the IT landscape started to change. As organizations started to leverage web applications, cloud infrastructure, Mac® and Linux® machines, and WiFi networks, user access control started to break down. AD couldn’t easily manage and control access to these non-Windows resources. That spawned the requirement for organizations to purchase a number of add-on solutions to AD such as identity bridges, web application single sign-on, MFA, and more. However, this new setup left a lot to be desired from what many were used to with directory services. Not only did IT admins find themselves having to manage users in a variety of solutions, but it was also more expensive, didn’t do a whole lot for security, and created havoc for end users. It was borderline madness, so it makes sense that IT admins are questioning whether to even use directory services nowadays.
The truth is if your IT environment leverages a lot of cloud solutions and isn’t solely Microsoft-based, a traditional directory service like MAD simply won’t cut it. The good news is that there is a next generation directory service that can. It’s called JumpCloud® Directory-as-a-Service®.
Why Use Directory Services with JumpCloud
JumpCloud Directory-as-a-Service has emerged to solve the critical issues many have faced including connecting users to what they need regardless of platform, provider, protocol, and location. The benefit of this cloud directory services approach is increased security, less cost, and streamlined processes and infrastructure. Over 50,000 organizations have implemented our cloud identity provider, and they couldn’t be happier that they did. As Iain Argent from Doublestruck put it:
“I can’t think of any organization that wouldn’t benefit from JumpCloud.”
Need help explaining to your higher ups why it’s important to use directory services? Consider reading and sharing this article “Quantifying the Value of Directory Services”. If you’re ready to talk to a JumpCloud product expert, drop us a note, and someone will promptly get back to you. In the meantime, we hope you’ll sign up for a free account to start testing our cloud based directory service. You can explore the full platform, and it comes with ten users free forever.