The “as-a-service” model has transformed the IT market with its ease of scalability and lower upfront costs. While the Infrastructure-as-a-Service and Software-as-a-Service markets have grown in development and maturity, IT admins can’t help but ask whether there is such a thing as an Identity Provider as a Service. The good news is that there is: the cloud identity management platform called Directory-as-a-Service® is a cloud identity provider.
But first, in order to fully understand the benefit of an Identity Provider as a Service, let’s take a quick look at the history surrounding identity providers.
Identity Providers and The Last Two Decades
Identity providers have been hosted on-prem for two decades. The modern era of identity and access management kicked off in the early 1990s with the advent of LDAP. That spawned the creation of two major identity providers: OpenLDAP™ and Microsoft Active Directory®. Of course, Active Directory would go on to be the monopoly in the space.
The IT landscape at the time was primarily Microsoft Windows based and hosted on-prem. So, of course, the identity provider would be Windows-based and on-prem as well. Active Directory took the model of direct connect, which means that a system or application couldn’t authenticate unless there was a direct path between the IT resource and the identity provider. At the time, these requirements made a great deal of sense. They also made IT admins feel more secure, with the identity provider behind their firewall and within their control.
Modern IT Needed an Identity Provider as a Service
Then, the IT network started to change. Microsoft Exchange morphed to hosted email solutions such as Google Apps (now G Suite) and Office 365. Data centers turned into cloud infrastructure hosted at AWS and Google Cloud Platform. Web applications became more popular and the wired networks switched to WiFi. All of these changes put tremendous pressure on the on-prem identity provider, Active Directory, but Microsoft wasn’t eager to integrate these new non-Microsoft resources with Active Directory. So, for a long time IT admins had to enlist insecure or expensive solutions to connect users to web-based applications.
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/identity-provider-service/