IT management tools are moving over to the cloud. While this transition has been happening for a number of years, the identity and access management (IAM) space has largely stayed on-prem. But now a new wave of serverless IAM solutions is emerging. As a result, IT organizations are becoming a great deal more comfortable with serverless user management.
Fading Microsoft® Dominance
Traditionally, the approach to identity management started with Microsoft® Active Directory® (MAD or AD). This made a great deal of sense since the IT network was largely Windows-based and on-prem. IT admins could manage user access to Windows® systems, servers, applications and the network itself. This traditional approach has been at work for nearly two decades, but its effectiveness has started to wane with new, non-Windows introductions into the IT environment.
Now that IT environments are shifting to non-Windows resources based in the cloud, IT admins are faced with new challenges. The legacy user management path (AD) simply doesn’t work as well when trying to authenticate users to these resources. So, a whole ecosystem of add-on solutions has emerged to supplement Active Directory.
Here is a small sampling of Active Directory add-ons:
- Directory extensions or identity bridges to non-Windows systems, e.g. Mac® and Linux® endpoints
- Identity security improvement tools like multi-factor authentication (MFA, two-factor authentication, or 2FA)
- Web application single sign-on solutions (SSO) to push AD credentials to popular apps including Slack, Salesforce®, GitHub, G Suite™, and many more
- Governance tools related to event logging and more
- Network access / security solutions like RADIUS and dynamic VLAN assignment
How does this setup work exactly? Well, AD remains as the core identity provider and stores all the user credentials in one central location. The add-ons sit on top of Active Directory and extend those credentials out to non-Windows resources. While IT admins gain the ability to manage user access to Windows and non-Windows resources in AD, this setup is not only expensive but also a hassle to maintain.
Serverless User Management Possibilities
Now, think about shifting all (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/serverless-user-management/