In Blog, Device Management, Google Cloud Platform (GCP)

Google Identity-as-a-Service Device Management

In the last decade, Google® has played a crucial role in transforming the workplace. Today, over 5 million organizations are using G Suite™, and that number continues to grow. Given G Suite’s popularity, it’s not a surprise that Google Cloud is catching up to AWS® and Azure® in the cloud infrastructure market.

To support their growing customers, Google decided that they needed a cloud identity management platform. So, Google has emerged into the Identity and Access Management (IAM) market with their very own Google Identity-as-a-Service type of solution.

First, let’s take a brief look at the state of the IAM market.

IAM Used to be Simple

identity management active directory

In the past, managing user and device authentication and authorization was less complicated. Windows was the dominant system in offices, and users had maybe three or four resources they needed to access. In the mid 2000’s, a few advancements in technology changed everything: Mac® and Linux® systems grew in popularity, web based applications multiplied the number of resources users needed access to, and the cloud shifted the very foundation of IT infrastructure.

modern identity management

These changes have altered what a proper Identity and Access Management solution needs to offer for today’s modern office. Identities are used for daily access to devices, networks, apps, and infrastructure both on-prem and in the cloud. Conventional IAM tools generally only cover one or two of these resources. That means multiple identities, multiple logins, and a much more difficult time for IT admins in provisioning and revoking access.

A modern IAM service should centralize user access to their system, web and on-prem apps, storage systems, and WiFi networks. An ideal method to achieve would be to use your users’ existing Google (G Suite) identities as the core credentials for your organization. That way, the same identity employees used to login to their Gmail would be used to authenticate into their devices, networks, and apps.

Google Identity-as-a-Service and Device Authentication

G Suite Google Identity Management Challenges

Google Identity-as-a-Service is great for managing users and their access to Google services, and as an authentication source for a few select web applications. But, Google’s IDaaS is not a solution for authenticating users to on-prem systems such as Windows®, Mac, and Linux machines. Nor does it handle on-prem applications, storage systems, or WiFi networks.

Managing access to endpoints and networks is critical because it affects your visibility and security measures within your IT environment. Adding Microsoft® Active Directory® (AD) is an option, but it’s only fully functional when managing Windows users and machines. These days only 1 out of 5 devices are Windows (Forbes), so if you have a heterogeneous environment, only a portion of your infrastructure would end up being covered.

Centralized Device Authentication with Google is Possible

Directory-as-a-Service® is a fully featured cloud directory that can tightly integrate with your existing directory of Google identities. This approach essentially solves the issue of decentralized identity management.

Import existing Google accounts or provision new Google accounts within the JumpCloud admin console. From there, you can extend Google identities well past the conventional Google services and use them to authenticate user access to devices. That means leveraging Google credentials for access to Mac, Linux, or Windows machines, and even adding MFA to bolster security (Mac and Linux devices only). Your users can be located anywhere, and there is no longer a need for an on-prem AD. You can completely shift to the cloud with G Suite and Directory-as-a-Service®.

If you would like to learn more about how our cloud directory service can help you leverage Google identities for device authentication, we’d love to talk to you. You can also start testing our device management, MFA capabilities, and user management for yourself by signing up for a free account. Your first ten users are free forever.  

Recent Posts