IT admins have been searching for the holy grail in identity management: unified access management. The concept is simple – leverage one identity that connects users to all of their IT resources. Of course, we know that achieving unified access management can be a significant challenge, but is there a way to have unified access management for WiFi? The short answer is, yes, but let’s start with the basics.
What is Unified Access Management?
Recently, analysts and vendors have been throwing around the term, unified access management, in the IAM (Identity and Access Management) space. They are largely using the term to describe a new approach to application access management, which includes web and on-prem applications—rather than just web apps via single sign-on (SSO). Unfortunately, they are taking a considerably narrow view of the term, rather than the expansive approach that modern IT organizations need.
The trouble is that IT organizations need to securely manage and connect users to all of their IT resources living throughout the network, not just their on-prem or cloud apps. This more holistic approach could perhaps be described as true unified access management, or perhaps more accurately as True Single Sign-On™. Call it what you will, but the concept essentially describes the ability to leverage a single, core user identity to gain access to virtually any IT resource. And, for many IT organizations, that includes the concept of unified access management for WiFi.
Unified Access Management for WiFi Networks
Unfortunately, connecting a single user identity to WiFi has been challenging in the past. Historically, it generally requires IT organizations to integrate a FreeRADIUS server with both their WiFi infrastructure as well as the backend, on-prem identity provider, which is likely Microsoft® Active Directory® (AD). These integrations would often be brittle, and then there would be the challenge of educating end users on how to enter their credentials into their computer for WiFi access that is beyond the standard SSID and passphrase. As a result, most IT organizations skipped this level of effort because it was too time consuming (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/unified-access-management-wifi/