Identity and access management is one of the most important capabilities in IT. In our increasingly connected world, controlling access to digital assets has never been more critical. The rate of breaches is accelerating – and one of the largest contributing factors is poorly managed identities. So how does IT go about securing and controlling access to digital assets in today’s modern IT world? One option is to take identity management and security to the next level with a new generation of SaaS identity and access management (IAM).
So let’s take a look at how changes in the IT landscape have had a significant impact on the IAM market.
IAM Market Started When LDAP Replaced the X.500
The IAM space really kicked off when Tim Howes and his colleagues at the University of Michigan created the LDAP protocol. As the internet and desktop computers became the norm, IT found that the X.500, LDAP’s counterpart, was too cumbersome for the bandwidth of these resources. So, Tim and his peers created the Lightweight Directory Access Protocol (LDAP), and LDAP ended up being the catalyst for two critical identity management tools – OpenLDAP and Microsoft Active Directory. Of course, AD would go on to be the most widely used IAM solution on the market.
Over time, the IT vendor community just assumed that the core identity provider in an organization would be Active Directory, so they turned their attention to solutions that were designed to be built on top of AD. These categories included directory extensions, web application single sign-on, privileged identity management, password management, multi-factor authentication, and others. None of these categories, though, would match the importance or size of the directory service or core identity provider.
AD Didn’t Adapt to Changes in the IT World
AD held a monopoly in the space because of Microsoft’s dominance with Windows and the fact that most IT resources were on-prem. Over the last decade, though, the IT landscape has been changing: Windows systems only make up one in five devices, web applications are extremely popular, the on-prem data center is being replaced by AWS, and a host of other critical changes have occurred. The legacy approach to identity and access management isn’t going to work in the modern IT environment. Microsoft wants to keep things the way they used to be because doing so keeps IT locked into Microsoft’s hardware and software ecosystem. So, Microsoft has made it challenging to connect these modern IT resources with Active Directory.
IAM Options for Today’s Modern IT World
So, to maintain a secure, centralized environment, IT has a few options. The first option is to remain locked in with Microsoft and to use only Microsoft technology. But there are downsides to doing this. For example, when given the option, 3 out of 4 employees choose Mac over Windows systems (Jamf). Additionally, when employees are able to use the system of their choice, they are 72% more productive (Jamf). So you could just stick to using Active Directory and remain within the Microsoft ecosystem, but that could cost you in productivity.
Another option is to use third-party vendors that sit on top of Active Directory to connect users to Mac systems, web-based applications, and other modern resources. But, these can be pretty expensive. Also, they don’t solve the actual problem, which is really the identity provider itself.
A third option is to consider switching to a new generation of SaaS identity and access management solutions. This modern era of IDaaS is really a new generation of directory services built in the cloud for cloud and on-prem IT resources. As a cloud hosted identity provider, this new generation IAM solution is securely managing and connecting users to the IT resources they need regardless of platform, protocol, provider, or location.
SaaS Identity and Access Management with DaaS
The new SaaS identity and access management solution Directory-as-a-Service® (DaaS) is connecting users to systems (Windows, Mac, Linux), cloud and on-prem servers (AWS, Azure, GCP, on-prem), physical and virtual storage systems such as Samba file servers and NAS appliances, web and on-prem applications via LDAP and SAML, and wired and WiFi networks through RADIUS. This modern, comprehensive approach to SaaS identity and access management centralizes access to all of the resources your users need, and provides IT with the control and widespread visibility needed to protect their organization’s digital kingdom.
Learn more about replacing your legacy identity provider by reading how Ooyala centralized nine global offices or how Ace Payroll unified their national operation by switching to SaaS identity and access management. You are also more than welcome to drop us a note if you have any questions about our SaaS IAM platform. Ready to try it out for yourself? Sign up for a free account. All of our features are available and your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud