The Identity Management field is a broad IT category that encompasses everything from the management of access, to IT resources.
The field started with the earliest computers where an individual was granted access to a singular computer. At that time, identity management was simple because the privileges and access any one person had was limited by the scope of the lack of Internet and software providers. As a result, most identity management was granted and reviewed manually.
Over time, however, as the number of people needing access and the number and type of IT resources increased, managing access became a complicated task. Complex organization charts foster dynamic and complex user-access rules, privileges, and permissions, and software systems have become more prolific and complex, too.
But while the complexity of identity management has increased, the principles have largely stayed the same: the right access needs to be granted to the right users.
Whether it’s one person looking to login to one platform, or a global enterprise needing thousands of permutations of user access, IT needs to provide users with the correct access for their business needs.
Additionally, with the advent of compliancy standards, businesses in many industries must audit and review their access definitions regularly and on a widespread basis to meet regulations.
To do this, businesses today leverage a variety of make-as-you-go solutions to manage their entire Identity Management infrastructure, composed of myriad software solutions each answering one part of the equation. JumpCloud is looking to change this splintered process. We believe a singular, reliable Identify Management infrastructure is made up of five key parts:
At the core of the market is directory services. The directory serves as the Identity Provider which can be federated to other identity consumers including other categories on this list. The core directory is the point of authentication and authorization for a variety of IT resources, and can also include device management capabilities. Modern directory services are cloud-based and work seamlessly with cloud infrastructure. These directories called Directory-as-a-Service® solutions also leverage a variety of authentication protocols, self-service tools for end users and modern security techniques.
Extensions to the Directory
As many legacy directories are not able to cover all of the different platforms and geographies, a category of extenders emerged. Primarily these extensions were built for Microsoft Active Directory and to manage Linux and Mac devices. These extensions generally replicated the user store within Active Directory and then granted access to the appropriate users. This category gained significant traction post the introduction of Active Directory and prior to the emergence of the SSO category.
Privileged Identity Managers
This category of solutions focused on privileged accounts to critical infrastructure components such as routers, switches, databases, and others. This category within the Identity Management space is focused on granular access and deep reporting. This category has thrived because of the critical nature of the IT assets that it manages and the fact the historically directories such as AD and LDAP didn’t cover this area.
Web Single Sign-On / Password Management
Perhaps the most active category in the Identity Management market recently, the Web single sign-on (SSO) market is focused on enabling access to SaaS-based Web applications. SSO solutions leverage the core directory and extend those users, credentials, and access to Web applications. The benefits of this area include greater control over access to applications outside of the corporate network, greater security, and data control.
Multi-Factor Authentication / Biometrics
Another critical category in the Identity Management space is the multi-factor authentication or alternate authentication mechanisms. With the increase in identity theft and corporate hacking, organizations are leveraging multiple mechanisms to authenticate users. Traditional username and passwords authenticate users through something they know. Additional mechanisms include something a user has, for example, a code on a smartphone, a fingerprint, or retinal print.
Identity Management is an exploding field. With the core IT landscape shifting and changing, so too must the Identity Management market. Couple that with an increased focus on security, and this sector will continue to grow and thrive.