IT admins often wonder what next generation Identity-as-a-Service (IDaaS) will look like. The answer is complicated by the fact that Identity-as-a-Service has come to mean different things to different people as more IT resources shift to the cloud. It used to be that the term IDaaS was limited to describing web application Single Sign-On (SSO) providers that offered identity management solutions from the cloud. The modern interpretation has expanded to include far more than just web-app SSO.
But before we explain what next generation Identity-as-a-Service means, it’s important to first outline the origins of the term. From there, we can speculate on what the next generation of IDaaS will look like – including some of the emerging solutions available today.
The Origin of Identity-as-a-Service
The term Identity-as-a-Service first appeared in the mid-2000s as Software-as-a-Service (SaaS) applications like Salesforce were just beginning to gain a foothold in the IT market. At the time, the vast majority of the IT infrastructure in most organizations was still Windows-based, on-prem, and managed with Microsoft Active Directory® (AD).
AD was great at connecting on-prem user identities to Windows-based IT resources directly bound to the AD domain. The challenge was that SaaS apps didn’t work that way. They were not bound directly to the AD domain, nor were they on-prem, or even Windows-based in many cases.
In short, that meant that IT was unable to manage these new (at the time) cloud-based resources with AD alone. This limitation created an opportunity for web-application SSO providers to create solutions layered on top of AD that were designed to extend on-prem AD identities to the cloud – for a small fee, of course. Thus, the first generation of Identity-as-a-Service solutions was born.
Limitations of First Generation IDaaS Solutions
First generation IDaaS solutions have been highly successful. However, the trouble with these types of add-on solutions in the modern enterprise is that the added management capabilities are effectively siloed to the respective resource they were designed to support.
The result is that IT often finds they need multiple add-ons to manage the wide array of cloud and on-prem resources
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/next-generation-identity-service-idaas/