Identity and access management (IAM) is a trending topic within modern IT circles. IAM has historically been provided by complicated on-prem identity providers (IdPs) like Microsoft® Active Directory® (AD) or OpenLDAP™. Yet, the current trend is for IT organizations to eliminate the majority of their on-prem IT infrastructure in favor of outsourced alternatives. So it should come as no surprise that outsourced identity and access management would be a game changer.
The good news is that a powerful new directory service platform has emerged that can provide outsourced IAM. It’s called JumpCloud® Directory-as-a-Service®. However, before we dive into the benefits of outsourced IAM with JumpCloud, let’s discuss the development of IAM from a holistic perspective.
Old School IAM
The concept of identity and access management is nothing new for IT. In fact, the origin of the modern understanding can be traced back to the X.500 directory service protocol from the 1980’s. X.500 was created by the International Telecommunications Union (ITU) to help manage telephone directories. It laid the foundation for later directory service solutions, most notably, the Lightweight Directory Access Protocol (LDAP).
LDAP was developed in 1993 at the University of Michigan. It was created as a lightweight alternative to the X.500 directory service protocol. As we have come to find out, the introduction of LDAP would have long lasting effects, especially in regards to IAM. In fact, two of the most popular IAM platforms to date are based on LDAP. The first is called OpenLDAP. The other is called Active Directory.
Limitations of Old School IAM
The issue for modern IT organizations is that Active Directory and OpenLDAP were developed during a different era of IT. This era was characterized by on-prem networks and homogeneous system environments (primarily Windows). While this type of network is almost the complete opposite of what we see today, it did make IAM relatively straightforward.
However, the IT landscape started to change in the mid-2000s with the introduction of web applications like Salesforce and Google Docs. Then came macOS and Linux devices. Then came infrastructure-as-a-service like AWS, GCP, and more. These new categories of solutions were great for end users. The trouble was they all had one thing in common – it was difficult, if not impossible, to bind them to an on-prem domain. In other words, management of all these new types of IT resources with legacy tools was practically impossible.
Then came an entire generation of Identity-as-a-Service (IDaaS) solutions. These were effectively add-ons to the on-prem IAM platform. Their purpose was to extend on-prem identities to unsupported resources (i.e. web application single sign-on). However, any IT admin will tell you this approach is far from ideal because add-on solutions, while effective, futher decentralize IAM.
This is why the concept of unified, outsourced IAM is so enticing for modern IT admins – because the alternative is generally a mess of partial add-on solutions with an aging IT infrastructure on-prem. Fortunately, a new solution has emerged to centralize identity management by outsourcing it to a single cloud-based platform. It’s called JumpCloud Directory-as-a-Service.
Outsourced IAM with Directory-as-a-Service
JumpCloud offers a modern IAM platform that was borne from the cloud and is delivered as a service. That means that all of the maintenance and management details are handled by JumpCloud, while IT admins simply populate their users and connect them to the IT resources they need to access.
As an outsourced IAM platform, IT organizations save significant time and money by effectively eliminating the huge capital expenditure and management overhead required to implement and maintain a similar solution on-prem. End users and IT admins also benefit by having one identity across a wide range of IT resources.
Examples of these resources can include, but are not limited to, services from IaaS providers (e.g. AWS, GCP, IBM), productivity platforms (G Suite, Office 365), systems and servers (Windows, Mac, Linux), cloud applications (Zendesk, Box, Salesforce), on-prem applications (Jenkins, Docker, OpenVPN), wired and WiFi networks, Samba and NAS appliances (Synology, FreeNAS, QNAP), and a lot more.
In essence, JumpCloud puts the power back where it belongs – in the hands of IT. In doing so, IT admins can choose the best IT resources for the organization.
Learn More about Outsourced Identity and Access Management
Check out our whiteboard presentation to learn more about cloud IAM protocols and architecture. You can also contact the JumpCloud team to answer any questions about the what the JumpCloud platform has to offer, or sign up for a Directory-as-a-Service account today and see for yourself. Your first ten users are on us to help you test the full functionality of our product risk free.
This is a Security Bloggers Network syndicated blog post authored by Vince Lujan. Read the original post at: JumpCloud