There is a lot of talk about Identity-as-a-Service in the market today. It’s a hot space and as organizations move to being more cloud-based, the natural inclination is to find a cloud-based identity management solution. Google Apps Directory has been a long-standing cloud-based “directory”. A common question that we are frequently asked is, can it serve as an organization’s IDaaS platform? The question is even more relevant seeing that Google recently announced support for SAML-based Single Sign-On. Google Apps Directory can now connect you to your Google applications and select cloud-based applications using SAML as well as their existing OAuth protocol support.
Identifying Your Identity Solution Needs
Here’s the more important question to ask going forward: is that enough to serve as an organization’s central identity solution? The answer to that question depends upon your needs. Most organizations have to consider management and security well beyond just their cloud-based applications.
Assessing Your Organization’s Needs
Let’s review what a full Identity-as-a-Service solution should manage:
- Secure cloud-based directory service – A core component of an IDaaS solution is a secure cloud-based user store. The user store must be able to withstand an attack, and it should store credentials securely.
- Multi-protocol support – Modern IDaaS solutions aren’t singularly focused because providing cloud application authentication alone doesn’t completely satisfy an organization’s needs. That means that the directory must be surrounded by protocols that convert identities into different formats.
- Device authentication – Most solutions that purport to be Identity-as-a-Service platforms miss the mark when it comes to device authentication. A core part of what IT admins need to manage is user access to devices. These devices include laptops, desktops, and servers. And, today’s heterogeneous IT landscape finds organizations leveraging Linux, Mac, and Windows systems. A strong Identity-as-a-Service platform manages user authentication on various devices and systems.
- Device management – In addition to device authentication, many IT admins need control over the devices themselves. They need to be able to execute policies that help to configure and secure the devices, whether they are Windows, Mac, or Linux platforms.
- Application access control – Historically, Identity-as-a-Service solutions were focused on web application single sign-on. As a result, providers are singularly focused on this area and can provide organizations with access to thousands of applications. While this area is critical, it is not sufficient in scope or capacity. Google Apps Directory has focused on this limited area of service.
- WiFi authentication – A core identity management system should also help secure your network infrastructure. Today, companies are leveraging RADIUS integration to the directory, thus ensuring that every user that is logging in is connected to the directory. This substantially increases security while maintaining a seamless user experience.
If you are looking for a cloud-based identity management platform, perhaps Identity-as-a-Service is right for you. Whether Google Apps Directory is the right platform depends upon the needs of your organization. If those needs are similar to the list above, then you’ll want to augment your Google Apps Directory service with additional identity management tools.
One area that complements Google Apps Directory is Directory-as-a-Service solutions. DaaS seamlessly integrates with Google Apps to provide a comprehensive Identity-as-a-Service implementation. If you would like to learn more about how to pair the two together, drop us a note.