Origins of IAM<\/h2>\n\n\n\n
You may (or may not) recall the brick-and-mortar environment your network and all the connectivity your company\u2019s resources operated from back in 2000.<\/p>\n\n\n\n
Remember walking into that facility, sitting down in front of your desktop, and running Windows\u00ae XP\u00ae or Windows 2000? (And by desktop, I mean an immobile, truly-tethered-to-your-desk desktop, of course). Most of the machines were physically tethered together through Ethernet wiring and switches\/hubs and managed through a server somewhere around the corner in the same building in a closet or data center. This was called the LAN \u2013 the local area network. With the addition of remote sites and the Internet, the term WAN \u2013 wide area network \u2013 was introduced.<\/p>\n\n\n\n
The LAN of yesteryear was brought to you almost exclusively by Microsoft Windows and its associated components. Through the magic of Kerberos for authentication, Active Directory\u00ae<\/a> (AD) domain services, and Windows Server, Microsoft\u00ae was working behind the scenes and quietly running the network.<\/p>\n\n\n\n All the machines tethered to this Active Directory domain worked together. Your one set of credentials granted you access to basically everything:<\/p>\n\n\n\n But this couldn\u2019t last forever.<\/p>\n\n\n\n Microsoft was beginning to establish a vision for managing a more mobile, operative workforce, but they still kept one foot firmly rooted in the on-prem world of the past. Laptops loaded with Virtual Private Network (VPN) software enabled you to be authenticated to Active Directory, and connect to the corporate network outside of the office, but the technological climate began changing faster than Microsoft could keep up with. Their pristine model of a domain-bound network was being stretched thin by new devices and progressive applications. The sunlight of the infrastructure Active Directory had been providing was beginning to cast a shadow around something called the cloud. But, where was the cloud coming from?<\/p>\n\n\n\n Companies like Salesforce\u00ae <\/sup>were among the first to take advantage of the benefits of cloud computing. Founded in 1999, Salesforce introduced a cloud-based Customer Relationship Marketing (CRM) system that flew in the face of traditional business software \u2013 and traditional IT management.<\/p>\n\n\n\n For IT admins, this came as a bit of a shock. Suddenly, their complete control over user data and IT systems \u2013 their \u201cdomain\u201d \u2013 was being disrupted by independent solutions outside of their control (and walls). New user accounts and credentials were flowing in from rogue sales and\/or marketing teams who were subscribing to services with credit cards. In the process, users were completely bypassing normal IT purchasing models and methods.<\/p>\n\n\n\n This problem got a name (\u201cShadow IT\u201d) and a host of new solutions sprung up to try to solve it. We started to see the first tethers of Active Directory branching up towards the cloud through web application single sign-on solutions, using protocols like SAML. These SSO solutions allowed IT administrators to return to management as usual (albeit managing multiple IT management systems), but only for the time being. The dam of Active Directory had sprung a leak.<\/p>\n\n\n\n The central question only became more pressing: \u201cHow can IT securely manage and authenticate<\/a> all of these various identity streams?\u201d<\/strong><\/p>\n<\/div>\n\n\n\n By the late 2000s, the pattern of tethering cloud-based utilities to Active Directory had spread to solutions like G Suite\u2122 (formerly known as Google Apps), which had in many cases replaced Exchange as an email mechanism and productivity platform. But this required still more utilities, like Google Apps Directory Sync\u00ae<\/a> (GADS), now called Google Cloud Directory Sync (GCDS), in order to do so. The spectre of Shadow IT continued to spread as new cloud-based mechanisms and devices emerged with one-off utilities to tether them back down to Active Directory.<\/p>\n\n\n\n Then, Apple pulled a Steve Jobs and changed their whole image with the iPhone\u00ae and iMac\u00ae, reinventing the consumer wheel in the process. Suddenly, admins saw people walking into the office with these sleek devices, totally unmanaged, but nevertheless accessing corporate networks and data. One recent survey on the matter<\/a> found that 75% of users today prefer Mac over Windows. Simultaneously, Linux increased in popularity, especially among developers and engineers as Linux now runs 90%<\/a> of the public cloud workload.<\/p>\n\n\n\n So, the massive ecosystem of vendors expanded rapidly, yet again, and system admins were reaching a breaking point. Bring your own device (BYOD) programs emerged as the influx of employees\u2019 personal devices became too much of a security risk too ignore. But these BYOD programs required IT organizations to manage all types of disparate systems, and made environments difficult to secure. Some system admins opted instead for policies requiring their users to stick with Windows and Microsoft exclusively. Others migrated to Mac, while many embraced Linux.<\/p>\n\n\n\n What they all had in common is a need to securely tether all pathways to a centralized identity store<\/a>. But they didn\u2019t have that. Instead, they had a convoluted knot of siloed identity management systems.<\/p>\n\n\n\n As a key aspect of these IAM silos, protocols were flying in from all sides to support specific devices and specific applications and specific networks, causing IT admins to lose sleep and probably lose hair as well. Updating and adapting IAM solutions to this multi-protocol environment<\/a> was a nightmare:<\/p>\n\n\n\n The result of all this diversification? Security gaps. Inefficiencies. Broken onboarding\/offboarding processes for scaling enterprises. Wasted time and resources. IT admins at their wits\u2019 ends.<\/p>\n\n\n\n With Active Directory at the center, IT organizations were weighed down by all they had to manage, and were struggling to stay above water. As the disarray mounted, the IT landscape reached a breaking point. Whether patchy security or disparate resources or simply the mounting stress on IT admins, organizations at large were on the verge of being pulled apart.<\/p>\n\n\n\n From this chaos, the vision of JumpCloud was formed.<\/p>\n\n\n\n JumpCloud emerged out of a need that was being felt industry-wide. This was simply the need to help people access resources for work, and enable them to be productive.<\/p>\n\n\n\n While SSO solutions, identity bridges, and privileged identity management encourage layering point solution add-ons on top of flawed, legacy directory services, JumpCloud felt the mounting disarray and started there\u2014at the core of the problem.<\/p>\n\n\n\n Reimagining the centralized identity management<\/a> of the past, JumpCloud saw an opportunity to pull it all back together. But this time, unification would begin with the cloud.<\/p>\n\n\n\n We wanted to build the world\u2019s first, and best, 100% cloud-based directory\u2014one capable of securely managing desktops, laptops, applications, files, WiFi networks, and more regardless of platform, protocol, provider, and location.<\/p>\n\n\n\n Today, we are well on our way to achieving that vision, no matter the vested industry interests in opposition to our efforts. we can say that we\u2019ve achieved that vision. We call it Directory-as-a-Service\u00ae (DaaS). These are the principles that have guided us:<\/p>\n\n\n\n The JumpCloud platform doesn\u2019t require any on-prem hardware. We are built on the cloud, for the cloud and on-prem and remote IT resources\u2014so, from the cloud, but for wherever your IT resources are. So, DaaS works seamlessly with SaaS apps, cloud server environments, and remote user management. But while we know that the future is in the cloud, we haven\u2019t forgotten the past: JumpCloud can manage your legacy, on-prem apps and hardware too.<\/p>\n\n\n\n We believe that users should have a choice in everything they use\u2014and that admins should have control over those systems regardless of platform. By providing a vendor-agnostic identity management tool that caters to a wide variety of heterogeneous environments, everyone wins (except for the guys that want to lock you into strictly their platforms).<\/p>\n\n\n\n This emphasis on independence extends to networks, protocols, and apps as well. Simply put, we don\u2019t care what you want to connect to us. We use a wide variety of protocols<\/a> and directly support SAML integration<\/a> with hundreds of applications.<\/p>\n\n\n\n We believe IT admins should be able to enforce security settings and take actions on groups of users and systems, in a centralized, automated fashion. Setting policies, executing commands, running scripts, and controlling systems across whole fleets of machines should be encouraged\u2014not restricted.<\/p>\n\n\n\n The system is at the center of the user\u2019s work life. With JumpCloud, the system is the gateway of authentication to access resources securely. When a user logs into a workstation, only that single identity can be used across everything from apps to infrastructure. Reset passwords straight from the OS through the JumpCloud Mac App<\/a>. JumpCloud is where identity security meets user convenience.<\/p>\n\n\n\n \u201cParanoia is not retroactive\u201d is a common saying at JumpCloud. Once a security breach occurs, there\u2019s no way to reverse the damage. That\u2019s why we\u2019re dead serious about security. By employing a private PKI infrastructure, unique key generation per agent, multi-factor authentication, and independent audits from a qualified third-party assessor three times a year, you can trust our security practices<\/a> are proactive, fortified, and meticulously monitored.<\/p>\n\n\n\n We don\u2019t do it all, and we don\u2019t propose to. But what we do propose is through highly scalable protocols, a feature-rich platform, and the hard work of our engineering team, we\u2019ve delivered the first true, cloud-based directory.<\/p>\n\n\n\n And that\u2019s only just the beginning.<\/p>\n\n\n\n With the rapid adoption of cloud apps, infrastructure, heterogeneous resources, and with IT services expected to grow by 4.7% in 2018<\/a> (~$44 billion dollars), it\u2019s the dawn of a new age.<\/p>\n\n\n\n We\u2019re at the forefront of this revolution, unifying and simplifying directory services, and we hope you see that vision with us. With JumpCloud, you\u2019re returning to the simplicity of a secure, centralized, singular<\/a> source of truth. Pick and choose what you want, leverage the protocols you need, and do it all from a single browser-based console.<\/p>\n\n\n\n In a way, we\u2019re realizing the initial idea of unified IT management put forward by AD in the early 2000s, and taking it much further. Unlike AD, our Directory-as-a-Service is in the cloud, platform independent, hyper-secure, with no on-prem servers to configure or maintain.<\/p>\n\n\n\n Our long-term vision isn\u2019t just to be the world\u2019s best, most secure cloud directory. We want to be the world\u2019s best directory\u2014bar none.<\/p>\n\n\n\n As IT admins continue to contact us with questions on how JumpCloud can be the right fit for their environment, we understand firsthand the needs of organizations are never exactly the same. If you haven\u2019t reached out<\/a> already, we encourage you to do so to see how JumpCloud can streamline your identity management process.<\/p>\n\n\n\n A few other options are also available for getting to know the Directory-as-a-Service platform:<\/p>\n\n\n\n We hope you now have a sense for what we\u2019re really excited about at JumpCloud as we continue to build together on the promise of comprehensive, foundational IT infrastructure for the modern era.<\/p>\n\n\n Explore the case studies above to see how JumpCloud is improving organizations around the world. As mentioned previously, if you\u2019d like to see the identity management platform in action for yourself, you can sign up for a free account below, or send us an email for further details.<\/a><\/strong><\/p>\n\n\n\n\n
Directory Services, Disrupted<\/h2>\n\n\n\n
Software-as-a-Service (SaaS) Takes Hold<\/h3>\n\n\n\n
Macs, Linux, and the Heterogeneous System Environment<\/h3>\n\n\n\n
IAM in Disarray<\/h3>\n\n\n\n
\n
Ramifications for Active Directory<\/h3>\n\n\n\n
![\"Is](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/07\/active-directory-challenges-1030x401.png\")
<\/figure>\n\n\n\nCloud Directory Services and The Return of The Unified Identity<\/h2>\n\n\n\n
Cloud-Forward<\/h3>\n\n\n\n
Platform Independent<\/h3>\n\n\n\n
Multi-Protocol<\/h3>\n\n\n\n
Centralized<\/h3>\n\n\n\n
System is the Gateway<\/h3>\n\n\n\n
Hyper-Secure<\/h3>\n\n\n\n
A Single Pane of Glass for IAM<\/h2>\n\n\n
![\"MSPs\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/02\/jumpcloud_mockup_cropped-1030x500.png\")
<\/figure><\/div>\n\n\nDo You Share Our Vision for the Modern Directory?<\/h2>\n\n\n\n
\n
![\"Learn](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/11\/4-Spoke-Diagram-for-lightbackgrounds-1-1030x1030.png\")
<\/figure><\/div>\n\n\nDiscover More About JumpCloud In These Case Studies<\/h2>\n\n\n\n