There is one last major bit once you have RMM and EDR in place - centralized identify. Until Okta, Ping, Azure, and Google all have a pam module that allows for remote identity management without depending on LDAP, enterprise endpoints are restricted to desktop/server machines (or orgs where you can get a waiver and only have local login).
Buelldozer@lemmy.today 12 hours ago
Yep but…
Here’s Microsoft - learn.microsoft.com/en-us/entra/…/sso-linux?tabs=…
Google has a variety of IDM methods including Ubuntu Authd and Secure Cloud LDAP. There’s also 3rd party tools like JumpCloud, ScaleOrange, etc.
Okta appears to have ASA and OPA although I’m not familiar with either of them. Ping has PingID and Ping Federate, although again I haven’t used either of them.
So depending on your cloud and needs it’s IdM / IAM is either available NOW or it will be very soon. 😀
SuperUserDO@piefed.ca 7 hours ago
Ohh that’s super exciting. I haven’t realized Microsoft made one.
Okta’s offering was garbage last I attempted to poke it. And 3rd party IAM tooling can be completely hit or miss (and let’s not even start about LDAP over the web…)