Microsoft Office and Active Directory (AD) once reigned on-premises, but there’s now fierce competition for primacy in today’s mobile and cloud-first world. Consequently, Microsoft has invested heavily in the cloud with Office 365™ (O365) and the Entra ID™ directory (formerly known as Azure Active Directory) to ensure its continued dominance. But it’s not alone. Google’s Workspace cloud productivity suite rivals Microsoft’s Office 365 services. This platform play extends into the identity and access management (IAM) space, with Microsoft aggressively bundling Entra ID with O365 while Google opts for optionality for its users.
Microsoft uses Entra ID to promote software monoculture across all IT systems. Entra ID is an IAM platform that can displace Google identities in favor of its sign-in process via single sign-on (SSO). Google provides a directory called Cloud Identity to its customers, but there’s a key difference in its approach to gain a foothold in the marketplace. It leverages partners to offer customer choice and recommends JumpCloud for small to medium-size enterprises (SMEs) to manage users and devices.
JumpCloud is an open directory platform that combines IAM with unified endpoint management (UEM). It makes it possible to use one identity with both productivity platforms, so that no vendor will “own” your identity. This use case improves collaboration, internally or with external vendors and clients, and makes migrating to Workspace from Microsoft Office easier to accomplish.
Read on to learn about the benefits of unifying your stack with JumpCloud, a Google partner.
The Evolution of Cloud Productivity Suites
Microsoft Office™ is a staple at many organizations and has been for a long time. Traditionally, many IT organizations leveraged AD and Office on-prem. AD provided a simple way to manage user identities and allow access to the Windows-based resources users needed. However, that on-premises setup doesn’t always meet today’s IT requirements in key ways:
- SMEs use Android, Apple, and Linux devices — every endpoint should be managed
- It’s no longer uncommon to have remote workers
- SMEs don’t always have a dedicated IT staff
- On-premises Exchange mail servers are vulnerable to cybercriminals
- Office for Mac isn’t as robust a solution as it is on Windows®, and on-prem Office for Linux does not exist
Cloud productivity software solves those issues while cutting costs and improving productivity, interoperability, and manageability for SMEs. Workspace provides an efficient cloud-based architecture that enables secure, real-time collaboration. It’s designed to work seamlessly with Office 365 for effective collaboration (or a smoother transition from O365). O365 offers a diverse set of apps and services, with the inclusion of legacy programs, and access to Microsoft licensing. Microsoft’s 365 plans include O365 and extend its footprint within IT infrastructure.
The interconnectedness of O365 and Entra ID enables Microsoft to move horizontally throughout an SME’s IT infrastructure, and identity serves as the lynchpin of that strategy.
IAM and SSO
Google and Microsoft offer solutions that incorporate external identities into their systems or serve as your identity provider (IdP). That means that your users will be able to log into Workspace with a Microsoft ID or vice versa. There are practical reasons for this, such as sharing apps and resources without having to create dedicated accounts for external users.
Entra ID can incorporate external IDs in two main ways:
- Its B2B platform makes it possible for Gmail users or Workspace domains to consume Microsoft’s services as guests without having to set up Microsoft accounts for them. Admins may have to configure Google as an identity provider in Entra ID. This requires Premium 1 or Premium 2 licensing with additional monthly fees based upon usage.
- SSO and federation can be used to make Microsoft the default IdP for Google services for either a selected group of users or an entire organizational unit. That method involves using the Google Cloud/G Suite Connector by Microsoft. Users are redirected to Entra.
Configuring federation in Entra ID can be confusing and can entwine you deeply with Microsoft. For example, Microsoft notes: “Google federation is designed specifically for Gmail users. To federate with Google Workspace domains, use SAML/WS-Fed identity provider federation.”
Google also supports user provisioning and SSO for O365, but it provides options beyond its platform such as JumpCloud.
- Cloud Identity and Entra ID can be set up for federation so that Microsoft is the IdP and source for identities.
- Cloud Identity can use SAML for SSO. Federation can be enabled in Entra ID and Microsoft’s Google Cloud/G Suite Connector supports service provider initiated SSO.
- As noted, Google can be configured as an identity provider within Entra ID.
JumpCloud is another option to sign into both Microsoft and Google services with one ID. Google makes this possible with Cloud Identity and partnerships with IdPs.
JumpCloud Connects to O365 and Google Workspace
With JumpCloud, you can authenticate against Azure AD with your Google ID. Also, you can create new Google identities straight from the JumpCloud user console. You can also create Google IDs via Google’s web services and utilize them in JumpCloud. This is useful if your organization is in the process of migrating away from Microsoft.
Further, users can access their Google services with Azure credentials via JumpCloud Single Sign-On. It allows users to access all their IT resources, whether they’re from Microsoft, Google, Amazon, or any other competing company on-prem or off.
JumpCloud’s open directory supports the following protocols and features:
- OIDC and SAML (including custom configurations) for web apps
- SCIM provisioning is included to streamline authorizations
- Optional conditional access policies
- Cloud LDAP and RADIUS for SSO into network devices
- SSH key management
The platform features environment-wide multi-factor authentication (MFA) with biometrics, push notifications, TOTP, and (coming soon) phishing-resistant modern authentication. JumpCloud offers a decentralized (managed and auditable) password manager for apps where SSO isn’t an option. JumpCloud’s dynamic groups automate group memberships and are complementary with Google.
JumpCloud integrates UEM into its platform at no additional charge for Android, Apple products, Linux, and Windows. The platform utilizes Enterprise Mobility Management (EMM), mobile device management (MDM), as well as agents to provide policies, commands, and telemetry.
Unifying cross-domain identity and device management with JumpCloud will enable you to reduce costs, improve operational efficiencies, and strengthen cybersecurity. A single identity can connect users to any of these resources regardless of the system they’re using. Users win with a simplified work routine, meaning less password juggling, and IT admins win by saving money and time. Feel free to schedule a demo to talk with a JumpCloud expert and see it in action.