By Rajat Bhargava Posted January 21, 2015
This is a question we get a lot from IT admins. The answer isn’t exactly straight forward, as it depends first on what “directory services” means to your organization, and which specific IT resources you need to run your business. It’s also generally related to whether your organization is new (a startup, or launched in the past 7-10 years), or if it has been around for a while (anything longer than 10 years).
To gain a handle on deciding whether or not G Suite (formerly known as Google Apps) will suffice as your company’s directory service, follow these 3 steps
1 – Complete an ‘IT Audit”
It is important to get a baseline of what IT resources your company uses to understand the breadth of services your directory will need to provide.
First, take stock of which compute devices are used throughout your departments and teams. Ask questions like:
- Are we using one type of device, or are we using a mix? (i.e. Windows, macOS, etc.)
- Which teams are using Windows, which teams are using Macs, which teams are using Linux devices and why?
- Do we provide our employees with business mobile phones and tablets or do we subscribe to a BYOD (Bring Your Own Device) model?
Next, review your application infrastructure. This assesses which programs employees use, and sets the foundation for access rules. At this stage, ask questions like:
- Are most of your apps web-based solutions or hardwired?
- Do you have any on-premise, legacy apps?
- What percentage of my company’s resources are web-based today? How do we expect that to change within the next 5 years? 10 years?
Finally, audit how your server infrastructure works. Taking stock of your IT infrastructure is critical in deciding whether Google App Directory will suffice for your directory or whether you will need a different solution. Ask questions like:
- Do you have your own data center?
- Do you leverage Infrastructure-as-a-Service solutions such as AWS or Google Compute Engine?
2 – Plan Your Directory
No strategies are effective without proper planning. The next step to answering whether or not G Suite Directory is sufficient to operate your directory services is to think about what directory services means to you. Specifically, you are looking to clearly define the benefits you’re looking for in a directory service solution. To help guide you through this, here are some possible questions/scenarios:
- Are you looking to centrally manage your users? If so, you may want to think about having one central store for user management. G Suite may do this well enough if all you want to control is access to G Suite and some web applications. If you have more needs, Google’s directory won’t suffice.
- Are you looking to control device and application access for your employees? If so, you may find G Suite is limited. For companies with very few users, individual management works out just fine. But for complex companies that are already big (say 100+ users, or are expected to grow substantially within the next year) manual device management isn’t really possible.
- Do you have a BYOD culture? For companies that don’t issue business-based devices, a G Suite solution might not provide the best security. In today’s culture of increasingly diverse compute devices, a secure directory service must communicate fluidly across device types and locations to ensure accuracy of access and privileges.
- Does your organization have a high bar when it comes to security due to regulations or the fact that you store sensitive information? All of these areas are worth delving into deeper to understand what are your needs and what you can live without. In some cases G Suite may suffice, in many other instances a more powerful directory solution is advised.
3 – Execute on your directory services path
But these are just a sampling of the types of questions you might want to rhetorically ask your business. After you audit your IT needs and plan your IT footprint for the future, you’ll be able to assess the extent to which G Suite can meet those needs. As a general rule of thumb, we feel that for simple needs G Suite is a strong solution, but for more complex business infrastructures it could be quite limiting.
As an example, Google does not hold out their directory to be a full authentication, authorization, and management platform. Google’s directory is mainly aimed at controlling access to Google solutions as well as some web applications that can leverage OAuth for single sign on. Google Apps Directory (now known as Google Cloud Directory) is not aimed at authenticating devices or applications, controlling group membership on applications, or managing devices such as Windows, Macs, and Linux machines. Generally speaking, if you are a “born in the cloud” company mainly leveraging G Suite and some web-based services, Google Apps Directory could work for you in your early stages.
If your organization has been around for a while, is more diverse with your IT infrastructure, or is growing rapidly, Google Apps Directory (now known as Google Cloud Directory) will not give you the control you desire. For those situations, many organizations have turned to Directory-as-a-Service™ (DaaS) solutions. DaaS dovetails nicely with G Suite and the corporate Gmail solution. Further, DaaS enables IT admins to have the control they desire over devices, applications, cloud infrastructure, and SaaS solutions.
Learn More About DaaS and Google Apps Directory
To learn more about how the cloud-based directory DaaS can work with your G Suite infrastructure, drop us a line. Or, feel free to try out a free account. We provide a full directory with 10 users free forever.