Current events demonstrate that the IT industry needs a new framework for identity and access management (IAM).
We’re seeing a deluge of headlines about what this moment will mean for the future of work — everything from “We’re in the midst of a massive work-from-home experiment. What if it works?” to “Why you may still be working from home after the coronavirus crisis is over.” This moment will likely have far-reaching effects on how we work, how we commute, and where we’re located in relation to our work, and IT leaders will be called upon to facilitate the technical transformation securely for their organizations.
Traditional IT approaches and architectures will not continue to serve organizations adequately into the future, but new ways of securing users, devices, and organizational data will come to the forefront.
History of the Domain
Active Directory® and its associated domain ruled enterprise IT when employees were tethered to traditional offices, immobile workstations, and internal networks. This model was dubbed the “moat and castle” or “perimeter” approach to IT security. However, the rise of SaaS applications, mobile devices and new operating systems, and ways to work outside the traditional office have each challenged the domain model.
Beyond that, high-profile cases have revealed that trusting all internal traffic by default can pose a grave security threat to organizations when credentials are stolen or misused.
AD now requires identity bridges and extensive vendor management to federate authoritative identities everywhere they’re needed, and it requires solutions like VPNs and RDP ports to shuttle users back to internal networks. Such options expose organizations to additional risks by introducing more vendors and unnecessary access points into their environments.
Future of IT: The Domainless Enterprise
Rather than establishing a secure perimeter around a brick-and-mortar office, IT admins need architectures to secure each user and their device(s) anywhere they go.
The “domainless enterprise” enables admins to establish a core digital identity for each user, paired with agent-based control of each device that accesses organizational data. Admins can