Microsoft® Active Directory® (AD) is an IT industry standard when it comes to directory services. For many organizations, AD serves as the main source of identity and access management (IAM). In today’s increasingly cloud-based IT world, however, AD is struggling to connect users to the heterogeneous resources that most organizations leverage every day. The void in federating on-prem AD identities to cloud-based services traditionally fell to single sign-on (SSO) solutions. SSO solutions can remedy immediate pains but don’t deal with the root cause. Cloud-based directories are the next generation approach to AD, combined with SSO (and more) in one solution, leaving many to ask: directory services or SSO first?
First, Directory Services
Cloud directory services are the new generation of IAM for IT professionals. As opposed to traditional on-prem AD, cloud directory services leverage the cloud so the service can be implemented easily in almost any organization. Cloud directory services are considered Software-as-a-Service (SaaS). Unlike Microsoft AD, these solutions are not directly affiliated with any operating system and manage Windows®, Mac®, and Linux® systems equally. Cloud directory services enable access to a wide array of on-prem and cloud-based resources with one identity. Resources on-prem and in the cloud include: productivity platforms (G Suite™, O365™), file servers (Samba and NAS devices, Box™) cloud infrastructure (AWS®, Azure®, GCP™), web-based applications (Salesforce®, BlueJeans®, DocuSign®), WiFi and wired networks via RADIUS, legacy applications via LDAP (Atlassian® applications, MySQL™, Jenkins), MFA (multi-factor authentication, two-factor authentication or 2FA), and many more.
Web application SSO solutions, on the other hand, are focused on, you guessed it, web apps. Conventionally, SSO has worked as an add-on solution on top of an existing directory (e.g. Microsoft Active Directory). But this functionality can be accomplished more elegantly by cloud-based directory services. Hassle is reduced. Cloud directory services integrate the most commonly used protocols a user may need into a single authoritative solution that requires (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/directory-services-or-sso-first/