By Greg Keller Posted February 23, 2017
User management across your IT infrastructure is one of the most critical IT tasks.
It can also be one of the most painful.
Controlling who has access to what IT resources is central to security, productivity, and compliance. Google IDaaS user management is aiming to solve this problem for IT admins.
What Is Google’s Approach To Identity Management?
Unfortunately, as with most things from major tech titans, Google’s approach to Identity-as-a-Service really only works with their Google Apps and services. It also will connect your users to a select few web applications through their SSO platform with OAuth and SAML. But beyond that, you are on your own.
Google’s approach to identity management services, which is really just G Suite Directory, is fundamentally a user management system for Google services.
The Full Scope of Modern User Management
If we step back, it is easier to see what is going on in the identity and access management market. The IT environment has changed over the past decade. What used to be virtually all Microsoft Windows-based networks and hosted on-prem has turned to a heterogeneous, cloud-based infrastructure.
- Only one in five devices is now Windows (Forbes).
- G Suite and Office 365 are the email and productivity platforms.
- AWS has turned the on-prem data center to be a cloud-hosted, pay-as-you-go cloud server platform.
- Wired networks with the domain controller at its heart are now simple WiFi-based networks, café style.
All of these changes are fundamentally altering how IT admins approach their identity management function.
Limitations of Google IDaaS User Management
Google has driven many of these dramatic shifts in IT, but their approach to cloud identity management is still in its infancy. This makes sense since they have deferred to the Microsoft monopoly of Active Directory. Google is reticent to compete with AD because of AD’s extreme penetration in the marketplace and their focus on the on-prem infrastructure. Google’s approach is to focus on the cloud and let the fundamental change in IT bring identity management to them.
That strategy may work for Google in the long-term. Unfortunately, what that strategy means for you today is that Google’s IDaaS isn’t going to work. It simply doesn’t solve enough of the needs that IT admins have. On-prem systems, applications, and networks are a critical part of what IT admins need to manage. Now – and indefinitely – Google’s “directory services” doesn’t have that functionality.
The good news is that there is a complementary IDaaS platform to G suite and Google services that replaces Active Directory in these environments.
How to Extend Google Users to Systems, Networks, & Servers
Google identities can be synced to a fully-featured cloud directory using JumpCloud’s Directory-as-a-Service®. Directory-as-a-Service is a cloud-hosted identity provider that is independent and connects user identities to whatever IT resources an IT organization is managing. That includes resources located on-prem and in the cloud. Windows, Mac, Linux, G Suite, Office 365, AWS, and many other platforms are all treated as first-class objects. This cloud identity management solution can leverage G Suite credentials throughout the IT infrastructure, thereby reducing friction for end users and increasing control for IT.
Google Identities Now Do More
If you would like to learn more about Google IDaaS user management and what that means for your IAM strategy, you can see it in action in the video above. We’re also happy to talk with you directly, so don’t hesitate to drop us a note.