Over the last few years, web-based applications have flooded organizations. In fact, their adoption in the workplace has quadrupled over the last three years alone (Blissfully). With this statistic in mind, it makes sense that the web application single sign-on (SSO) market is one of the hottest categories in the identity and access management (IAM) space. This category has been dubbed Identity-as-a-Service (IDaaS) by analysts, and one of the first players in the IDaaS space was OneLogin™. However, web-based applications are no longer the only new IT resource making its way into the modern office. For example, now there are Mac systems, cloud servers, and more. As a result, not only is a OneLogin review in order, but a review of the first generation IDaaS space as a whole.
Before we get to the review though, we need to understand why SSO solutions like OneLogin were needed in the first place.
Web App SSO Filled a Void
Like we mentioned above, the SSO market emerged when web applications increased in popularity. At the time this occurred, most organizations had Microsoft® Active Directory® as their core identity provider. While AD worked well for on-prem Windows systems and applications, it struggled with non-Windows and cloud or web resources. Because of these limitations, web application SSO providers emerged to fill the gap. IT organizations would federate their Active Directory identities to the SSO provider, which would in turn connect users to their web applications. This approach worked well when web-based applications were the only new IT resource. However, the IT network has continued to morph.
End users are gravitating towards Mac and Linux systems. Cloud infrastructure providers such as AWS® have shifted the data center to the cloud. File servers have moved away from Windows Server and on to Samba file servers, NAS appliances, and cloud solutions such as Box and Dropbox. WiFi is now the preferred method to access the internet. All of these changes have placed a great deal of pressure on the AD plus web app SSO setup.
Why not just eliminate (Read more...)