As the IT network shifts to the cloud, one of the critical issues facing IT admins and DevOps engineers is how to control user access to a wide array of IT resources, both on-prem and in the cloud. Traditionally, this process has been handled by on-prem solutions such as OpenLDAP™ and Microsoft® Active Directory® (MAD or AD). But in the era of the cloud and SaaS-based solutions, is there a serverless authentication platform that can be utilized?
The Proper Authentication Tools
As previously mentioned, the traditional method of authenticating users has been to leverage on-prem tools like OpenLDAP or AD. This makes sense, of course, given that both of these solutions were introduced in the late 1990s, back when just about everything was based on-prem, and furthermore, centered around the Windows® OS. Just like using a hammer to drive a nail, leveraging a user authentication tool that is designed around the way an IT shop functions is a best practice.
The IT landscape, however, is changing, and the IT management tools that IT organizations leverage need to change with it. With the introduction of cloud infrastructure from AWS®, web applications such as Slack™, GitHub™, Salesforce™, and more, as well as Mac®/Linux® systems, the legacy approach to authentication started to break down. Many of these resources didn’t leverage Kerberos (one of AD’s native authentication protocols), or even LDAP for that matter. The result was that IT organizations needed to scramble and find add-on solutions for AD to manage these non-Windows solutions. Unfortunately, that just created a patch work of solutions to buy and manage.
Tied Down by Servers
Faced by the challenge of having the wrong tool to meet today’s authentication requirements, admins were left wanting something more. The server, as it was known, was becoming more of a hassle than it was worth as more and more IT resources were offloaded to the cloud. The costs of implementing and maintaining a server to both IT budgets and admins’ workdays began to overshadow the benefits it brought to organizations. Given that AD and (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/serverless-authentication/