By Megan Anderson Posted November 11, 2019
As an IT admin in today’s technologically-advanced world, you may be wondering if an on-prem directory service is still a good option for your company. You know that things are trending toward the cloud, ultimately rendering on-prem solutions obsolete. However, the top two directory services — Active Directory® and OpenLDAP™ — utilize on-prem servers. The question now becomes, why use a directory service?
You may be tempted to eschew directory services and do everything manually, but it’s important to acknowledge the vital role a directory service plays in the operation of your organization. It does the heavy lifting of controlling which users can access specific resources, allowing them to sign in automatically to the resources they’ve been provisioned, and can be used to audit your objects and attributes.
Without a directory service, you’re essentially doing twice as much work than you need to. So what is the alternative to on-prem directory services?
Outsource Your Directory Service
With regard to IT, outsourcing your directory service can be tricky as it involves trusting a third-party with the identities of your organization’s members. The idea of relinquishing that kind of sensitive information is enough to make anyone hesitate.
However, hosting your own directory service on-prem poses many security risks. Among them are:
- Infrequent updates: On-prem directories become outdated faster, meaning that bringing them up to date requires more work on your part.
- Low on-prem security: Anyone who has physical access to the server(s) can acquire the information stored there. Few small- to mid-sized organizations have enough resources to spare for security beyond a locked door, not to mention all of the virtual security needed to protect critical infrastructure.
- Human error: On-prem solutions are generally harder to implement, particularly in the absence of a specialist. This could lead to any number of potentially compromising human errors.
In any case, admins using on-prem directories already have limited control over users’ identities in today’s IT landscape. In fact, 96% of all organizations use the cloud in some capacity, according to CIO Magazine. Admins now have two choices: (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Megan Anderson. Read the original post at: https://jumpcloud.com/blog/build-directory-service/