There are few categories that have yet to be SaaS-ified and cloudified, and interestingly enough, the directory is one of them. Historically, directory services have been provided by on-premise systems such as Microsoft’s Active Directory (AD) or open source OpenLDAP – both about two decades old. These systems count on users and IT resources being local to the directory, which is something IT admins have been loath to change because of security concerns and risks inherent with the Internet. As a result, the directory has remained on-premise.
That is, until now.
IT has always been an evolving landscape, but now is a particularly critical time of change: cloud infrastructure is growing incredibly fast and companies claim there is no reason to build data centers; employees demand devices that enhance productivity; and IT organizations are moving corporate applications wholesale to the cloud and transitioning to the SaaS-model. As a result, cloud infrastructure, ‘Apple in the enterprise’ and Gmail for business will be the three major IT trends that drive the directory to the cloud.
As organizations leverage Infrastructure-as-a-Service providers such as AWS, Digital Ocean, and many others, system administrators are left holding the bag on how to manage user accounts. Admins know that implementing manual or scripted processes isn’t the right way to manage users, but the alternative – connecting cloud servers to their on-premise AD or LDAP – would have them jumping through networking and security hoops just to get the two talking. Add Linux to the mix (which is even harder for AD to handle) and forget about it. As a result, admins are opting for a “separate” user store rather than running their users off of the core corporate directory.
Apple in the Enterprise
Apple continues to infiltrate organizations with Mac desktops and laptops, which creates a challenge for IT admins who know these machines are largely unmanaged and therefore painful to connect to AD and/or LDAP systems. Further, managing Mac devices analogous to how AD manages Windows machines isn’t possible. As a result, admins are searching for solutions that can control and manage their OSX devices separate and distinct from the directory.
Gmail for Business
Google is breaking the Active Directory / Exchange duo in a significant way. Over a year ago, more than 5 million businesses had already moved to Google Apps and its enterprise Gmail service. Ideally – and somewhat expectedly – organizations would by now be able to move to the cloud completely and not have to manage on-premises equipment. Unfortunately that goal has not been achieved, and many AD users now have a core system in the cloud (email) and a core system on-premises (directory services). And for organizations using corporate Gmail in place of AD/Exchange, they face challenges of their own. For starters, Google’s corporate Gmail/Apps solution isn’t a directory; IT admins can’t control authentication to desktop, laptop, and servers, nor can they manage them. Let’s face it: one foot in the cloud and one foot on-prem is not a viable solution for modern enterprises and startups.
So, how will IT admins safely connect and manage employees to their devices and IT applications if AD and LDAP aren’t making the leap to the cloud era? The answer is the cloud-based Directory-as-a-Service (DaaS). A cloud-based directory serves as the central, authoritative source of users in the organization, enabling authentication, authorization, and management on any infrastructure.
Any type of user. Any type of device. Any type of application. Anywhere in the world. That’s DaaS. A category IT admins are going to aggressively leverage.
Disclaimer: This article was written by a guest contributor in his/her personal capacity. The opinions expressed in this article are the author’s own and do not necessarily reflect those of CloudWedge.com.