Securing identities is one of the most critical tasks for an IT organization. With breaches occurring regularly, many companies have a heightened awareness and concern for protecting their identities. But identity security isn’t what it used to be. Historically, user identities and IT resources existed on-premises. But today, cloud-based resources, including SaaS apps and IaaS infrastructure, have brought the issues of identity management and identity security to the cloud. This post will detail how to achieve SaaS identity security.
The Progression of Identity Security Needs
The modern era of identity management kicked off when Tim Howes and his colleagues at the University of Michigan created the authentication protocol LDAP. This protocol revolutionized how people could authenticate and manage user access. From that protocol, two major identity provider solutions were born: the open source option, OpenLDAP™, and the commercial option, Microsoft Active Directory®. These solutions both housed identities on-prem.
In this model, identities were protected within the on-prem directory service, which was in turn protected by being behind the firewall. A significant number of security technologies protected the perimeter of the network, which in turn supported the security of identities within the on-prem, legacy directory service. This model worked very well for a while. But the success of this model was predicated on all of the IT infrastructure staying on-prem. As we know, the IT world moved in the opposite direction.
Moving Off of On-Prem IT
The cloud changed IT from the inside out. Instead of buying hardware and hosting and maintaining it themselves, an IT organization could simply hire Amazon to do it at scale. Software transformed almost overnight from something that came in a box to something that was accessed within your browser – with no need to download or install. It was easy to implement these as-a-Service solutions and often cost-effective as well. Scaling was no longer a concern.
Simultaneously, the device landscape changed as well. Windows was no longer the standard system, and macOS and Linux machines became a major part of the network. This meant that all of those “by Microsoft for Microsoft” solutions became much more difficult to use and manage.
At the core of each of these changes was the user identity itself. To continue on this path, the identity could no longer remain purely on-prem. The modern identity is used to access cloud infrastructure, web applications, virtual storage systems, and much more. But without proper management, SaaS identities are at risk of compromise.
Solution Through SaaS Identity Security
The good news is that there is a better, cloud-forward approach to identity security through SaaS identity management. Rather than relying on a number of mini-directories spread all across the IT infrastructure, a modern cloud identity management platform changes the approach to identity security. Now, a user’s identity can be securely connected to systems (Windows, Mac, Linux), cloud and on-prem servers (AWS, GCP, Azure, and more), web and on-prem applications (via LDAP and SAML), physical and virtual storage (such as Samba file servers and NAS appliances), and wired and WiFi networks through RADIUS. Identities are centralized and secured.
By controlling access to a wide range of IT resources through a central identity provider, IT admins have more control and security. If you would like to learn more about how SaaS identity security can help you keep your identities protected, drop us a note. We would be happy to explain how our Directory-as-a-Service® platform works. Alternatively, if you would like to see the cloud-based directory in action for yourself, sign up for a free account. Your first 10 users are free forever, so you can test the platform out and make sure it works for you. You don’t even need to enter a credit card. Check it out today!
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud