The concept of a cloud identity bridge is changing the identity and access management (IAM) world, especially for organizations that still want to keep one foot on-prem while gaining control over their cloud-based apps and infrastructure. Like many categories within the IAM space, the cloud identity bridge is being offered as a SaaS-based service. So what does a cloud identity bridge as a service mean for IAM?
To answer that question, let’s take a look at how the IAM industry has evolved over time.
The Evolution of IAM
As most people in IT know, LDAP started the modern era of identity management in the early ’90s, and then Microsoft Active Directory® took on the mantle a few years later. Microsoft was able to establish quite the empire with Active Directory because, at this time, IT environments consisted mostly of Windows systems and on-prem networks, applications, and data centers.
Within this ecosystem, Active Directory was excellent, and a lot of that had to do with the domain controller. On-prem resources within an IT environment were bound to the domain controller, and this created a central point for authenticating to on-prem resources. This made it possible for users to log in with one set of credentials to their Windows system and easily gain access to their apps, networks, files, and servers. All the while, IT was able to have excellent control over their users, systems, and other IT resources.
Changes to the Core IT Landscape Altered IAM
But, as the core IT landscape started to change, the IAM space started to shift as well. Many of the changes in the core IT landscape included shifting away from Microsoft resources. Users started using Mac and Linux systems, web-based apps like G Suite, and cloud-based servers hosted by AWS. Microsoft wanted to hang on to their monopoly, so they made it difficult to integrate these new resources with Active Directory.
However, these new resources have spurred a new category of identity management called cloud identity and access management that has started to chip away at Microsoft’s grasp on IT organizations. It also became apparent that a new IAM category needed to be created. With Microsoft Active Directory as the most dominant identity provider, there needed to be a bridge from the on-prem AD server to non-Windows-related IT resources.
Introducing Cloud Identity Bridge-as-a-Service
So, the cloud identity bridge category was born. As an AD extension, cloud identity bridge as-a-service connects AD identities to cloud servers (e.g. AWS, GCP), web and on-prem applications (via SAML and LDAP), physical and virtual data storage, and WiFi networks via RADIUS. The good news is that the cloud identity bridge is being delivered as a SaaS-based service, which means that IT admins don’t need to deal with the hassle of installing hardware, procuring software, configuring systems, and maintaining them. They can quickly and easily extend AD credentials to non-Windows resources without additional infrastructure. And, IT organizations only pay for what they use.
So, how quick is it to set up cloud identity bridge as-a-service? First, a lightweight agent is installed on all of the domain controllers that are part of the IT environment. Then, IT selects the users and groups that need to access resources like Linux servers, a Mac system, or cloud infrastructure in AWS. Once users and groups are identified, a JumpCloud group is created within the Active Directory console. As users and groups are added to the security group, those identities are federated to the cloud directory service via the cloud identity bridge. From there, IT has the pleasure of taking advantage of our multi-protocol approach and easily connecting users to the resources they need access to.
Learn more about Cloud Identity Bridge-as-a-Service
For a more in-depth explanation of implementing the cloud identity bridge, consider watching this whiteboard video, which can also be found below. You can also find more information about our virtual identity bridge by signing up for a free demo or dropping us a note. If you’re interested in trying out cloud identity bridge as a service, sign up for a free account. Your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud