The holy grail in the identity and access management (IAM) space is the ability to enable a user to easily and seamlessly access whatever IT resources they need. With this ability, an IT admin can simply provision, deprovision, and modify user access from a centralized console. Sounds too good to be true, right? Well the identity management capability True SSO (single sign-on) is on its way to achieving that goal.
The Beginnings of Modern Identity Management
In order to understand the current identity and access management landscape, we need to take a step back into history. The modern era of identity management started with the introduction of the LDAP protocol. Created by JumpCloud advisor, Tim Howes, and his colleagues at the University of Michigan in 1995, LDAP enables use of lightweight directory access and authorization. This authentication protocol would then spawn two major identity providers – Microsoft® Active Directory® (MAD or AD) and OpenLDAP™. Active Directory would go on to dominate the commercial sector, while OpenLDAP would lead the open source directory services category.
Although both had holds on their specific spaces, the reason MAD was so successful overall was due to how integrated it was with the Windows® platform. A user would simply login to their machine and then have access to virtually any on-prem Windows-based resource, including servers, applications, file servers, and the network itself. For IT admins, as long as the IT resource was Windows-based, they had relatively easy control. And, since most early IT environments were based in Windows, MAD was a choice identity management tool.
The Cloud Changes the IAM Space
The MAD approach to IAM was great while it lasted. Soon, however, a wide range of non-Windows IT resources emerged. Many of these were delivered from the cloud, which revolutionized the generally on-prem IT world. Not only that, systems such as Mac® and Linux® also hit the scene. These changes, of course, broke the easy login and management model.
IT admins leveraging AD were, at that moment, out of luck. To bolster AD for the cloud era, (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/identity-management-capability-true-sso/