By Greg Keller Posted December 14, 2016
As more organizations move to web applications, IT admins have choices on how to handle single sign-on into those applications. Traditionally, organizations have chosen an IDaaS solution that is really a web application SSO provider. With G Suite’s entry into the market of web application SSO, the conversation is more complex than ever. In fact, many organizations are wondering whether G Suite SSO vs Ping Identity SSO is the right solution for their organization. In addition to these web app IDaaS providers, a new solution called Directory-as-a-Service® is also complementing these solutions.
The Rise of G Suite
Google started with Google Apps; their focus was on building a replacement to Microsoft Exchange, Office, and Windows file server. They largely succeeded in creating a new, cloud-based productivity platform to rival Microsoft.
In fact, Microsoft had to scramble to cover for the mass movement to Google Apps because more than 5 million businesses have moved over. But when Google Apps was first created, their focus was not on replacing Active Directory or competing in the identity provider space.
G Suite, Ping, and the SSO Challenge
Over time, G Suite customers asked to use G Suite identities to connect to web applications. Since G Suite’s focus wasn’t on being a directory service, it integrated OAuth and SAML protocols to federate access to a few select web applications. It would leave the core directory service to a separate solution.
Ping Identity works much the same way in that it integrates with a directory service, for example, Active Directory, OpenLDAP, or Directory-as-a-Service. The benefit of Ping Identity is that it has integrated with thousands of web applications to provide SSO. Ping Identity is largely in competition with IDaaS providers, such as Okta, OneLogin, and others. With G Suite’s entry into the web SSO space, G Suite and Ping Identity are competitive.
Decisions, Decisions: G Suite SSO vs Ping Identity SSO
Of course, the choice of G Suite SSO vs. Ping Identity SSO depends on whether your web applications are in the G Suite catalog. If they are, then you may not need to extend to Ping Identity.
The challenge with both of these single sign-on providers is that they are not the core directory service. As organizations moved to G Suite, they were largely still stuck with Active Directory on-prem. One foot in the cloud and one on-prem made for an awkward IT infrastructure. As a result, IT admins began to look for a cloud identity management platform that functioned as a core identity provider.
Achieve True SSO with Directory-as-a-Service
Directory-as-a-Service is a companion solution to G Suite and functions as the Active Directory replacement in the equation. Directory-as-a-Service is an independent directory service connecting user identities to systems (Windows, macOS, Linux), applications (cloud and on-prem), and networks. Users can leverage one set of credentials to log into virtually any IT resource. IT admins have full control over user access in a cross-platform and cross-provider fashion. Directory-as-a-Service can integrate with either G Suite or Ping Identity.