By Greg Keller Posted May 29, 2017
There’s been a tech war brewing between Google and Microsoft for some time. As far as who is winning, it has been an ebb and flow over the last decade.
Now, a new front in their battle is opening up in the identity management field. A key weapon on the Google side is their views around cloud identity management. So, the question for many watching this space is “What is the future of Google Identity Management?” On top of that, “Does Google’s cloud identity become a replacement for Microsoft Active Directory® or Azure Active Directory?”
Identity Management: A Brief History
The modern identity management sector started in the early 1990s with the advent of LDAP, a key authentication protocol. Our advisor Tim Howes and his colleagues from the University of Michigan created the protocol, which went on to be a catalyst for the creation of the two leading IAM solutions, OpenLDAP™ and Active Directory. As we all know, AD would become the commercial market share leader, and with most IT networks being Microsoft Windows-based and on-prem, it made a great deal of sense to leverage AD.
But then the world started to change. In the mid-2000s, a new wave of solutions began to emerge, and these kicked off a cascade of issues for IT admins. The cloud Infrastructure-as-a-Service provider AWS changed the landscape of data centers. Google Apps started to shift their email, file server, and productivity suite to the cloud. The resurgence of Apple with their Mac platforms and the introduction of iOS devices changed the face of the internal network.
Challenging Microsoft Active Directory’s Monopoly?
All of these changes created an opening for Google to create their version of identity management. But it wasn’t so simple. Microsoft had a virtual monopoly on the IAM space, so Google was not interested in fighting that battle along with their attack on Exchange and Office. Google was content to create Google Apps Directory (now called G Suite Directory) as an internal user management system and authentication source via SAML and OAuth to a select few web applications. That vision of identity management is extended to Google’s Cloud IAM solution, which deals with web access control to the Google Cloud platform.
The question that many IT admins ask is “Can Google Identity Management replace Active Directory?”
Unfortunately, the answer is “No,” and it will likely remain “No” for the foreseeable future. Active Directory connects users to their on-prem Windows systems, applications, and networks, and while Google has done a great job of managing their cloud users and applications, the two are in a sense somewhat orthogonal solutions. The good news is that there is a new generation of cloud identity management platforms, called Directory-as-a-Service®, that is an alternative to Active Directory and bridges the cloud and on-prem identity management worlds.
Directory-as-a-Service is tightly integrated with Google’s G Suite and Cloud platforms and can easily manage on-prem Windows systems. In fact, the modern IDaaS platform securely manages user identities and connects them to the IT resources they need, including systems (Windows, Mac, Linux), cloud and on-prem servers (e.g. AWS, Google Cloud), web and on-prem applications via LDAP and SAML, and wired and WiFi networks via RADIUS. In a sense, Directory-as-a-Service is the future of Google Identity Management while also being the reimagination of Active Directory for the modern, cloud era.
Google Identity Management and Cloud IAM
If you would like to learn more about the future of Google Identity Management, and how our cloud IAM platform can tightly integrate with your existing on-prem and cloud infrastructure, drop us a note. Alternatively, sign up for our cloud directory services account and give a modern IDaaS platform a try for yourself. The first 10 users are free forever.