Posts

3 Reasons to Consider Replacing Active Directory

Identity ManagementActive Directory was designed for on-premise local and enterprise networks.  As the use of cloud continues to move forward, Active Directory has not adapted as quickly as needed to provided robust, unified, identity management.  Here are three (3) reasons to consider replacing (or augmenting) Active Directory.

1) Active Directory is not “Cloud Ready”

According to a survey by security firm BetterCloud, almost 50% of SMBs will be all cloud by 2020, up from 15% today. Even SMBs are using more than one cloud service.

Keeping Active Directory means setting up sync services and other tools across multiple cloud platforms — a complex and expensive solution.

2) Users are Mobile and Working Remotely

Global Workplace Statistics reports that between 20% and 25% of employees already work remotely on a semi-regular or regular basis. And, 50% of employees hold jobs that are compatible with remote work. Since 2005, remote work has grown 103% and continues to grow.

Keeping Active Directory means requiring employees to log into the corporate domain when working remotely, typically by VPN. This is slow and cumbersome for users, and expensive to setup and maintain.

3) The Windows-Only World is Gone

Macs are normal part of the ecosystem; Computerworld reports that 90% of Fortune 500 companies officially support Apple desktops, laptops, and tablets. Chrome devices are starting to move from education to the business market. And, most employees work at least some of their day on smartphones or tablets; iOS and Android are now business operation systems.

Keeping Active Directory means bridging identity management and policies between network operating systems or adding third party products to properly manage users and devices.

The good news is that you do not need to live with the cloud-related limitations of Active Directory. You can run directory services, manage identities, and control access to devices (even when off-network) with cloud-based directory services. These services simply administration and provide a single system of record for user identities.


Want to learn more or give it a try? Contact us and we will show you how.


 

Single Sign On Misses the Mark for SMBs

Directory as a Service
As you move your small or midsize enterprise into the cloud, you will face new challenges around identity management.  Historically, identity management was an operational issue that managed user logins to desktops and local area networks. As you move to the cloud, the network is no longer local. Your network includes the suite of applications and services run and hosted by others. Identity management is now a security issue that should control access to your cloud applications, data, and services as well as your computers and mobile devices.

Single Sign On for SMBs

Even with the proliferation of usernames and passwords, most SMBS are not investing in Single Sign On (SSO).  With many applications using federated or 0Auth login services from platforms like Google Apps or Office 365, SMBs expect users to adapt and manage their identities. The result is a mix of usernames, passwords, and connections without a clear system of record and no centralized management. And while Single Sign On can help eliminate this mess, most SMBs struggle to justify the value.  In addition, SSO solutions lack the ability to manage access to devices, WiFi services, and other resources.

With SSO in place, you still need to manage and maintain a directory service. Directory services, such as Microsoft’s Active Directory and the many LDAP solutions are, in theory, capable of managing more than on-premise systems. Actually integrating directory services, however, is complex, costly, and requires regular maintenance.

Directory-as-a-Service and Identity Management

Directory-as-a-Service® (DaaS) is a modern identity platform that centrally manages user connections to this new world of cloud and SaaS-based infrastructure. Features of a cloud-based directory service include:

  • Mac, Windows, and Linux devices are all treated as first-class citizens
  • Tight integration with Office 365 and Google Apps, centralizing control over the productivity platform and enabling single sign-on capabilities for end users
  • Single Sign On integration with other cloud applications and services
  • Improved WiFi security that connects the authentication request to the directory service
  • Multi-factor authentication at the system level
  • Hosted LDAP capabilities can eliminate the need to have an on-prem LDAP server

In short, Directory-as-a-Service covers what contemporary organizations need in a modern identity management platform.


Learn more about Directory-as-a-Service and JumpCloud (our preferred DaaS solution) at our 3T@3 Webcast on October 18th, or contact us for a free, no obligation Cloud Advisor Session.