While directory services are at the core of identity and access management (IAM), functioning as a full-fledged directory is not a capability of every IAM platform. At first glance, this statement may sound like a ridiculous one. If a directory service is at the core of IAM, why wouldn’t every platform in the space feature a directory? In today’s definition of IAM, the identity management capability of directory services can often be overlooked in the face of other solutions.
IAM, What IAM?
You could say that the concept of identity and access management dates all the way back to the first instance of computer passwords in the 1960s, but truly transformed into its own space in the 90s with the invention of LDAP and the subsequent arrival of Microsoft® Active Directory® (MAD). The inception of MAD, and the following rise of the directory service, is when enterprises really began to have robust IAM at scale. At the time, given that Windows® systems and resources were the norm, MAD could effortlessly connect users to their systems, resources, and more.
In the years since, the IAM needs of organizations only became more expansive and heterogeneous. This occurrence was mostly due to the rise of the cloud, as well as the uptick in the popularity of non-Windows systems. A variety of IAM micro-tools cropped up in response to the needs of IT admins, specializing in access to web apps or Mac®and Linux® devices. Using these micro-tools meant that admins could, more or less, patch their MAD instance to meet the demands of modern IT.
Today’s Definition of IAM
Some of these added-on solutions have gained a lot of traction in the IAM space, namely single sign-on (SSO) solutions. SSO makes an easier user experience by bridging the distance between cloud applications on the web and on-prem MAD. This functionality has given SSO solutions clout in the industry and, in turn, have even made them more popular than using a directory service in some cases.
Others view IAM as a way to corner their hold on the market. (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/identity-management-capability-directory-services/