Cloud-based directory services have drawn a lot of attention in recent years. The thought of a universal identity management solution that doesn’t require anything on-prem is certainly part of the appeal. Why is this approach advantageous? Let’s take a look at the development of traditional directory services to find out.
Overview of Directory Services
Historically, Microsoft® Active Directory® (AD) has been the go-to directory services platform in most IT organizations. Introduced in 1999, AD was built to help IT administer Windows® users and IT resources such as systems and applications. At the time, Windows-based IT resources made up the vast majority of enterprise networks and everything was on-prem. As a result, most IT administrators could simply implement AD and effectively manage all of the IT resources in their environment.
The IT landscape started to evolve as a wide variety of non-Windows IT resources gained popularity in the workplace. For example, Mac® and Linux® systems disrupted Microsoft’s monopoly in the enterprise system market. Then came web applications like Google Apps (now called G Suite™), which offered cloud-based alternatives to on-prem, Windows-based applications. Yet perhaps the most significant change was the shift to cloud infrastructure providers such as AWS®, which enabled IT to move their entire on-prem data center to the cloud.
Non-Windows IT resources such as these were difficult to manage directly with AD. Initially, this meant that IT admins had to manage non-Windows IT resources independently, if at all. This granular approach to managing users and their access to IT resources was a major headache for IT admins, not to mention it introduced a number of security risks. Fortunately, though, the IT landscape continued to evolve.
Add-On IAM Solutions Emerge
The next step in the evolution of directory services was the emergence of a variety of directory extension solutions. Solutions such as these were generally layered on top of AD, and served to federate on-prem AD identities to non-Windows systems such as Mac and Linux. Then came single sign-on (SSO) solutions for web applications, privileged account management, password managers, MFA,
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/cloud-based-directory-services/