Securing identities is one of the most critical tasks for an IT organization. With breaches occurring regularly, many companies have a heightened awareness of, and concern for, protecting their identities. But identity security isn’t what it used to be. Historically, user identities and IT resources existed on-premises. Today, cloud-based resources, including SaaS apps and IaaS infrastructure, have brought the issues of identity management and identity security to the cloud. This post will detail how to achieve SaaS identity security.
The Progression of Identity Security Needs
The modern era of identity management kicked off when Tim Howes and his colleagues at the University of Michigan created the authentication protocol LDAP. This protocol revolutionized how people could authenticate and manage user access. From that protocol, two major identity provider solutions were born: the open source option, OpenLDAP™, and the commercial option, Microsoft Active Directory®. These solutions both housed identities on-prem.
In this model, identities were protected within the on-prem directory service, which was in turn protected by being behind the firewall. A significant number of security technologies protected the perimeter of the network, which in turn supported the security of identities within the on-prem, legacy directory service. This model worked very well for a while. But the success of this model was predicated on all of the IT infrastructure staying on-prem. As we know, the IT world moved in the opposite direction.
Moving Off of On-Prem IT
The cloud changed IT from the inside out. Instead of buying hardware and hosting and maintaining it themselves, an IT organization could simply hire Amazon to do it at scale. Software transformed almost overnight from something that came in a box to something that was accessed within your browser – with no need to download or install. It was easy to implement these as-a-Service solutions and often cost-effective as well. Scaling was no longer a concern.
Simultaneously, the device landscape changed as well. Windows was no longer the standard system, and macOS and Linux machines became a major part of the network. This meant that all of those “by Microsoft for Microsoft” solutions became (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/saas-identity-security/