Web application single sign-on (SSO) is an important category and a useful tool for IT organizations. This is especially true since the average small to mid-sized business uses 50+ SaaS products (Blissfully). However, as IT admins know, web app SSO only solves part of the problem in the modern office. Ideally, users would have a single sign-on not just to their apps, but also their systems, files, and networks. This has led to most organizations choosing solutions that go beyond SSO – endpoint-centric solutions that are based based in the cloud but more closely resemble a core identity provider (e.g., directory services).
The industry is moving beyond SSO, but are you ready to move with it? In order to understand the shifting IT environment, we need to step back through history.
When SSO was Only Apps
At its core, SSO is about identities and access. For years, identities were stored and managed on-premises, through tools such as OpenLDAP™ and Microsoft® Active Directory® (AD). Of course, with the world being virtually all Microsoft Windows®, AD quickly became the identity provider of choice.
But the IT world transformed throughout the 2000s as web-based applications started to flood the workplace. Active Directory wasn’t built to work with these cloud-based, non-Microsoft resources, so AD began to struggle. OpenLDAP had similar challenges with simplifying and securing app access. This created the opportunity for web application SSO providers to surface. They sat on top of AD and connected users to their web apps.
However, as we know, that hasn’t been enough. The IT landscape has continued to evolve. Mac and Linux machines are replacing Windows. Cloud servers from AWS are displacing on-prem data centers. Modern approaches to file storage such as NAS and Samba file servers are replacing Windows File Server. Traditional IDaaS solutions don’t connect users to these new tools. Rather, they merely extend AD identities to web-based applications.
Moving Beyond SSO
The bottom line: SSO shouldn’t mean a complicated set of group management tools that provide “unified” access to siloed groups of IT resources. Unless you (Read more...)