Directory Services or SSO First?

Gummy bear with Directory Services or SSO First written

Microsoft® Active Directory® (AD) is an IT industry standard when it comes to directory services. For many organizations, AD serves as the main source of identity and access management (IAM). In today’s increasingly cloud-based IT world, however, AD is struggling to connect users to the heterogeneous resources that most organizations leverage every day. The void in federating on-prem AD identities to cloud-based services traditionally fell to single sign-on (SSO) solutions. SSO solutions can remedy immediate pains but don’t deal with the root cause. Cloud-based directories are the next generation approach to AD, combined with SSO (and more) in one solution, leaving many to ask: directory services or SSO first?

First, Directory Services

Directory is the FoundationCloud directory services are the new generation of IAM for IT professionals. As opposed to traditional on-prem AD, cloud directory services leverage the cloud so the service can be implemented easily in almost any organization. Cloud directory services are considered Software-as-a-Service (SaaS). Unlike Microsoft AD, these solutions are not directly affiliated with any operating system and manage Windows®, Mac®, and Linux® systems equally. Cloud directory services enable access to a wide array of on-prem and cloud-based resources with one identity. Resources on-prem and in the cloud include: productivity platforms (G Suite, O365), file servers (Samba and NAS devices, Box) cloud infrastructure (AWS®, Azure®, GCP), web-based applications (Salesforce®, BlueJeans®, DocuSign®), WiFi and wired networks via RADIUS, legacy applications via LDAP (Atlassian® applications, MySQL, Jenkins), MFA (multi-factor authentication, two-factor authentication or 2FA), and many more.  

Second, SSO

single sign on alternativeWeb application SSO solutions, on the other hand, are focused on, you guessed it, web apps. Conventionally, SSO has worked as an add-on solution on top of an existing directory (e.g. Microsoft Active Directory). But this functionality can be accomplished more elegantly by cloud-based directory services. Hassle is reduced. Cloud directory services integrate the most commonly used protocols a user may need into a single authoritative solution that requires (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/directory-services-or-sso-first/