As you move your small or midsize enterprise into the cloud, you will face new challenges around identity management. Historically, identity management was an operational issue that managed user logins to desktops and local area networks. As you move to the cloud, the network is no longer local. Your network includes the suite of applications and services run and hosted by others. Identity management is now a security issue that should control access to your cloud applications, data, and services as well as your computers and mobile devices.
Single Sign On for SMBs
Even with the proliferation of usernames and passwords, most SMBS are not investing in Single Sign On (SSO). With many applications using federated or 0Auth login services from platforms like Google Apps or Office 365, SMBs expect users to adapt and manage their identities. The result is a mix of usernames, passwords, and connections without a clear system of record and no centralized management. And while Single Sign On can help eliminate this mess, most SMBs struggle to justify the value. In addition, SSO solutions lack the ability to manage access to devices, WiFi services, and other resources.
With SSO in place, you still need to manage and maintain a directory service. Directory services, such as Microsoft’s Active Directory and the many LDAP solutions are, in theory, capable of managing more than on-premise systems. Actually integrating directory services, however, is complex, costly, and requires regular maintenance.
Directory-as-a-Service and Identity Management
Directory-as-a-Service® (DaaS) is a modern identity platform that centrally manages user connections to this new world of cloud and SaaS-based infrastructure. Features of a cloud-based directory service include:
- Mac, Windows, and Linux devices are all treated as first-class citizens
- Tight integration with Office 365 and Google Apps, centralizing control over the productivity platform and enabling single sign-on capabilities for end users
- Single Sign On integration with other cloud applications and services
- Improved WiFi security that connects the authentication request to the directory service
- Multi-factor authentication at the system level
- Hosted LDAP capabilities can eliminate the need to have an on-prem LDAP server
In short, Directory-as-a-Service covers what contemporary organizations need in a modern identity management platform.