JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

Can Google Apps be Your Identity Management Solution?



There is a lot of talk about Identity-as-a-Service in the market today. It’s a hot space and as organizations move to being more cloud-based, the natural inclination is to find a cloud-based identity management solution. Google Apps Directory has been a long-standing cloud-based “directory”. A common question that we are frequently asked is, can it serve as an organization’s IDaaS platform? The question is even more relevant seeing that Google recently announced support for SAML-based Single Sign-On. Google Apps Directory can now connect you to your Google applications and select cloud-based applications using SAML as well as their existing OAuth protocol support.

Identifying Your Identity Solution Needs

icon-event-logging-api-0a10bf3180a133183e0520ddc6d9e77b

Here’s the more important question to ask going forward: is that enough to serve as an organization’s central identity solution? The answer to that question depends upon your needs. Most organizations have to consider management and security well beyond just their cloud-based applications.

Assessing Your Organization’s Needs

Let’s review what a full Identity-as-a-Service solution should manage:

  • Secure cloud-based directory service – A core component of an IDaaS solution is a secure cloud-based user store. The user store must be able to withstand an attack, and it should store credentials securely.
  • Multi-protocol support – Modern IDaaS solutions aren’t singularly focused because providing cloud application authentication alone doesn’t completely satisfy an organization’s needs. That means that the directory must be surrounded by protocols that convert identities into different formats.
  • Device authentication – Most solutions that purport to be Identity-as-a-Service platforms miss the mark when it comes to device authentication. A core part of what IT admins need to manage is user access to devices. These devices include laptops, desktops, and servers. And, today’s heterogeneous IT landscape finds organizations leveraging Linux, Mac, and Windows systems. A strong Identity-as-a-Service platform manages user authentication on various devices and systems.
  • Device management – In addition to device authentication, many IT admins need control over the devices themselves. They need to be able to execute policies that help to configure and secure the devices, whether they are Windows, Mac, or Linux platforms.
  • Application access control – Historically, Identity-as-a-Service solutions were focused on web application single sign-on. As a result, providers are singularly focused on this area and can provide organizations with access to thousands of applications. While this area is critical, it is not sufficient in scope or capacity. Google Apps Directory has focused on this limited area of service.
  • WiFi authentication – A core identity management system should also help secure your network infrastructure. Today, companies are leveraging RADIUS integration to the directory, thus ensuring that every user that is logging in is connected to the directory. This substantially increases security while maintaining a seamless user experience.

If you are looking for a cloud-based identity management platform, perhaps Identity-as-a-Service is right for you. Whether Google Apps Directory is the right platform  depends upon the needs of your organization. If those needs are similar to the list above, then you’ll want to augment your Google Apps Directory service with additional identity management tools.

google apps directory

One area that complements Google Apps Directory is Directory-as-a-Service solutions. DaaS seamlessly integrates with Google Apps to provide a comprehensive Identity-as-a-Service implementation. If you would like to learn more about how to pair the two together, drop us a note.


Recent Posts
The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

Blog

Deploying Custom Configuration Profiles to MDM-Enrolled macOS Systems using a JumpCloud Policy

The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

Blog

Apache Directory Server vs. OpenLDAP

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.

Blog

July ’20 Newsletter

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.