As enterprises rely on more cloud resources, IT professionals should develop proficiency with identity management tools.
Not long ago, digital identities were relatively straightforward: Users would log in to an Active Directory forest, and the user's account acted as an identity and access control mechanism throughout the user's session. Today, things are more complex.
Windows Server still uses Active Directory forests, but users routinely access resources that exist beyond the forest boundaries. Examples of these resources are virtual machines in public clouds, file shares in a remote Active Directory forest, or even software-as-a-service apps served up by a cloud provider. No matter the scenario, the user's account no longer acts as a universal access control mechanism -- at least not by itself.
Windows Server administrators taking on additional cloud responsibilities should focus on how to use Microsoft's Azure Active Directory or similar identity management tools to enable identity federation and single sign-on capabilities for resources that are both within and outside of the IT department's control.