Breaking Your LDAP Sync
Updated: Mar 29, 2019
Sooner or later, your organisation may make the move to AWS or other third-party hosting. The savings in operational expenditure, the elasticity and flexibility of operations, and the scalability of computing resources are reason enough to migrate.
However, if your current deployment uses LDAP to authenticate and provision users, you may want to carefully consider your options.
Typically, security policy restricts using LDAP with third-party and cloud hosting because the service provider needs access to your Active Directory's admin (?) credentials.
This poses unnecessary risk and exposure if the service provider or managed service provider is compromised. Even more so if the credentials of end users are affected: this can have a compounding effect, because we all know employees are notorious for their lazy password habits.
Of course I may be fear-mongering slightly, but how far-fetched is it? In 2018 some of the world's largest companies had security breaches that affected users/customers in the billions. Yes, BILLIONS.
Easy enough: our SAML SSO is the simple and effective replacement for LDAP for authenticating and provisioning users.
Just In Time (JIT) provisioning is a standard feature that provisions users dynamically when they log in, based on SAML assertions sent by the identity provider. JIT provisioning brings reduced admin costs, increased user adoption and better security. Alternatively, our SAML SSO has User Synchronisation, a feature that syncs your AD with cloud providers and customer-specific directories automatically.
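What JIT provisioning does on the service-provider side, as an added example that is not code from the product described here: the local account is built from the assertion's attributes and never holds a password. It assumes a SAML library has already verified the assertion's signature; the entity ID, the attribute names (`email`, `groups`) and the group names are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SP_ENTITY_ID = "https://sp.example.test/saml"  # hypothetical SP entity ID
# Only IdP groups listed here map to local groups; anything else is ignored.
GROUP_MAP = {"jira-users": "jira-software-users", "jira-admins": "jira-administrators"}

# Constructed sample assertion (signature omitted; assumed verified upstream).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>
  <saml:Conditions NotOnOrAfter="2099-01-01T00:00:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example.test/saml</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>alice@example.test</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="groups">
      <saml:AttributeValue>jira-users</saml:AttributeValue>
      <saml:AttributeValue>domain-admins</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def jit_provision(assertion_xml, directory, now=None):
    """Create or update a local user from an already signature-verified assertion."""
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(assertion_xml)  # production code should use a hardened XML parser
    cond = root.find("saml:Conditions", NS)
    if cond is None or not cond.get("NotOnOrAfter"):
        raise ValueError("assertion has no validity window")
    expiry = datetime.strptime(cond.get("NotOnOrAfter"), "%Y-%m-%dT%H:%M:%SZ")
    if now >= expiry.replace(tzinfo=timezone.utc):
        raise ValueError("assertion expired")
    audiences = [a.text for a in cond.findall(".//saml:Audience", NS)]
    if SP_ENTITY_ID not in audiences:
        raise ValueError("assertion not issued for this service provider")
    name_id = root.findtext("saml:Subject/saml:NameID", namespaces=NS)
    if not name_id:
        raise ValueError("assertion has no NameID")
    attrs = {a.get("Name"): [v.text for v in a.findall("saml:AttributeValue", NS)]
             for a in root.findall(".//saml:Attribute", NS)}
    # Allowlist mapping: an unexpected IdP group cannot grant local privileges.
    groups = sorted({GROUP_MAP[g] for g in attrs.get("groups", []) if g in GROUP_MAP})
    created = name_id not in directory
    # The local record holds profile data only; no credential is stored.
    directory[name_id] = {"email": (attrs.get("email") or [None])[0], "groups": groups}
    return created
```

The first login creates the account and later logins refresh its attributes, so group changes at the identity provider take effect at the next sign-in.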
Migrating your organisation to cloud or third-party hosting may be ______ but can be risky if not configured(?) correctly. Save your company from having to send one of these emails with our SAML 2.0 Single Sign-On for your Atlassian applications.