For decades, the idea of identity management revolved around Microsoft® Active Directory®’s ability to govern on-prem, Windows®-centric IT infrastructure. Since the introduction and adoption of cloud resources (like web applications, productivity suites, file servers, Infrastructure-as-a-Service (IaaS) platforms, and more), IT admins have been struggling to consolidate the management of all their users’ resources into a single platform.
Admins thought the solution could be found in Microsoft’s Azure® Active Directory (Azure AD or AAD), which was designed to manage user access to pre-integrated web applications via single sign-on (SSO) and Azure infrastructure. As a tool included with an Office 365™ purchase or Azure license, admins employed AAD to manage users within both Azure and O365.
Though it’s useful for managing select resources, Azure AD’s tailored approach to cloud identity management meant that admins looking to introduce a variety of cloud-based resources to their organizations had to utilize multiple platforms for managing user access to modern resources.
As a result, IT departments have come to accept that identity silos may emerge depending on the needs of their organization. Below, we’ll discuss the threat identity silos may pose to organizations, and how admins can eliminate them through centralized identity management.
What Is an Identity Silo?
The idea of a siloed identity originated after organizations began implementing modern resources outside Active Directory’s domain. As a result, users had separate identities for their on-prem resources (such as their Windows systems), laptops, access to G Suite™, applications like Slack®, and so on. Web application SSO solutions were designed to combat this idea of siloed identities by providing users with a secure platform to authenticate their credentials to a variety of applications — like Salesforce®, Dropbox, and Slack.
The only problem with this approach to identity management is that tools like Azure AD, which manage user access to select web applications and more, struggle to authenticate user access to other IT resources, such as:
- Systems (including Windows® and macOS®)
- Networks (WiFi, VPNs, and on-prem)
- Linux® servers hosted in AWS®