For the last decade, one of the hottest categories in the identity management space has been web application SSO (single sign-on). With the changes that have been occurring in the IT landscape, this makes a lot of sense. Users are doing more and more work in the cloud, and SSO to web applications is a big part of making that work easier. Interestingly, though, there are now many IT admins looking to the horizon to see what’s next. Is there a solution that goes beyond the traditional web application SSO category of identity management? The answer is True SSO™ – the integration of single sign-on across virtually all of a user’s IT resources.
Precursor to True SSO from Microsoft
In the past, the end user’s workflow was simple. All they needed to do was enter their username and password into their Windows® computer, and they would have access to just about everything they needed. This was because of Microsoft® Active Directory® and the domain controller. These IT tools enabled all of the Microsoft resources in the office to talk to each other, and as a result Microsoft effectively created the concept of single sign-on to all Windows resources without really articulating it that way.
This was a major feat. It made the end user’s life easy, and it made the IT admin’s life easy as well. This Microsoft approach worked so well because of the way enterprise technology looked at the time. Nearly the entire network was on-prem and Windows-based. From the systems to the applications and the back-office tools, just about all of it was from Microsoft. Active Directory and the domain controller required a homogeneous local network to function as intended, and that’s exactly what the environment looked like then. In fact, that on-prem necessity is why companies with multiple locations would either have local domain controllers and AD servers, or would need to create VPNs to create the illusion of locality. This approach worked well for a number of years, and continues to work well in the enterprise environments that are Microsoft-based and only use on-prem resources. However, such organizations are few and far between today.
First Generation SSO Providers
The biggest issue with this Microsoft- and on-prem-centric approach is that when resources start moving to the web, the approach starts to break down quickly. Active Directory wasn’t designed for cloud environments, and it just doesn’t work well with remote, non-Windows-based IT solutions. This put IT admins in a bind, and with Microsoft failing to address the issue, a third-party vendor decided to fill the gap. This resulted in the creation of the identity management category known as web application SSO.
IT admins could integrate their web app SSO platform (often called first generation IDaaS solutions) with their on-prem Active Directory instance. That integration would enable end users to effectively leverage their existing identity, and would extend it to web applications. The problem was solved, and all was right in the IT world again. However, as with Active Directory, the limitations became apparent quickly.
As the IT industry continued to innovate, the coverage of Active Directory and web app SSO providers began to falter. The IT environment became much more than just Windows devices and web applications. Mac® and Linux® systems rapidly grew in popularity. File storage wasn’t just based on Windows File Server, but now included cloud file servers (e.g. Box™, Google Drive, Dropbox™), Samba file servers, and NAS appliances. The networks employees use to reach applications changed as well. All of these different IT solutions need more than just Active Directory and web application SSO platforms.
More than Identity Management Category Web Application SSO
The solution to this IT connectivity issue is to implement an extension of the web application SSO approach from the identity management category. It’s a True Single Sign-On™ solution that securely manages and connects users to their IT resources, including systems, applications, files, and networks regardless of the platform, protocol, provider, and location. This True SSO solution goes by the name of JumpCloud® Directory-as-a-Service®, and this cloud-based directory provides the next generation SSO solution that IT admins are searching for.
Interested in learning more? We’re just a call away! Reach out to us, and find out why admins everywhere are implementing a cloud directory over the traditional on-prem approach. You can also sign up for a live demo of the platform here. Interested in a more hands-on approach? That’s an option too. Sign up for a free JumpCloud Directory-as-a-Service account and see for yourself what a True Single Sign-On approach in the cloud world looks like.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud