It’s no secret that, in the past, IT organizations have relied heavily on the legacy platform, Microsoft® Active Directory® (AD), for handling authentication services. For almost two decades, there’s been very little reason for IT admins to question the all-inclusive, on-prem approach for managing Windows®-based IT resources. But with SaaS-based applications and cloud-based microservices popping up across the radar, is the idea of authentication as a microservice something worth considering?
Tethered to On-Premises Authentication
Historically, IT admins have been dependent on AD as it inherently requires regular on-prem management. Users are registered to the directory services platform and then connected to the appropriate Windows®-based systems, applications, networks, and files. These Windows-based IT resources are then validated and approved for use by the IT admin through the on-prem AD server, acting as the source of truth for authentication services. Pretty simple, right? Well, the challenge of this approach is the increasing level of upkeep required. IT admins need to regularly manage, update, and implement authentication infrastructure including servers, software, VPNs, backup systems, security, and more.
But how do IT admins know what’s appropriate for each type of IT resource with protocols such as LDAP, SAML, RADIUS, OAuth, and many more available? Authentication—the process of confirming the user is actually who they say they are—is handled through a wide range of approaches these days. Ensuring the authentication process is airtight is vital to maintaining security in IT infrastructure, and its importance can’t really be overstated. Each time an end user logs in and tries to access a resource, the authentication process should quickly and effectively reaffirm the user’s identity and process their credentials for security. And, most importantly, it must be right – the user is who they say they are.
Growing out of this dependency on AD, dramatic changes in IT authentication delivery are being driven by a mass migration to the cloud. SaaS-based services, such as Salesforce® and G Suite™, enable the user’s internet browser to act as the application container, which has changed the game for how software can (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/authentication-as-a-microservice/