By Rajat Bhargava Posted December 8, 2016
It’s no secret that Google wants to control your personal and professional identity. That’s exactly why they are putting effort into a variety of identity and access management areas. These solutions range from their control over consumer identities to their G Suite Directory.
They recently launched their web application single sign-on capabilities. Along with their OAuth capabilities, you could reasonably say that their approach to a solution, Google IDaaS, is aiming at the Identity-as-a-Service sub-market of the overall identity and access management space.
Let’s take a closer look at Google as an identity provider.
The G Suite Directory
The core of Google IDaaS is their G Suite Directory. It is the approach that they are taking to centralizing Google identities right now for corporate settings. The question for IT admins is this:
“How can Google’s Identity-as-a-Service
approach help their organization?”
Ideally, Google’s IDaaS would serve to centralize identity management. With a wide variety of IT resources, the challenge has become how to have a central identity be the core and authoritative source of credentials.
A Decentralized Identity Landscape
Today organizations are using Windows, Mac, Linux, AWS, G Suite, Office 365, Azure, Google Cloud, and many more platforms and providers.
All of these different IT resources are leveraging different types of authentication approaches. Some use native APIs while others may use SAML, RADIUS, LDAP, SSH, and others. Many of these IT resources are hosted in the cloud while others are on-prem.
So, how do you get a central identity provider to securely manage and connect these IT resources to your user’s identities?
The Solution: Google IDaaS?
Google would have you say use their IDaaS platform – their cloud directory service. Unfortunately, that’s not a viable solution for most IT organizations.
Google’s approach to identity management is more like user management within their platform. Users can be provisioned, deprovisioned, or modified on their platform. G Suite Directory can also help connect to a few select web applications via OAuth and SAML.
Other IT resources, though, are not part of the purview. G Suite Directory Sync which connects to an on-prem Microsoft Active Directory platform or OpenLDAP server is the method to go on-prem. But in that case, AD and LDAP is the central identity source and there are additional servers to be managed. That’s hardly an Identity-as-a-Service approach.
Cloud IDaaS Alternative
There is an alternate approach to having a centralized cloud identity management platform than Google IDaaS. Directory-as-a-Service® is an independent approach to a cloud identity provider. The cloud directory centralizes the identity and emits it via a variety of different protocols including LDAP, SAML, RADIUS, SSH, REST, and other native authentication approaches.
The benefit of this approach is that Directory-as-a-Service can enable IT admins to centrally control a mixed platform environment including Windows, Mac, and Linux machines, web and on-prem applications, AWS, G Suite / O365, and WiFi network access. In short, virtually any IT resource in a modern enterprise. The benefit of integrating Directory-as-a-Service with Google IDaaS is that the end user’s G Suite credentials can be leveraged to their entire IT universe.
If you would like to learn more about Google IDaaS and alternatives to their directory services approach, drop us a note. You’ll be able to build a central cloud identity management solution around Directory-as-a-Service which integrates seamlessly with G Suite. Feel free to try our Identity-as-a-Service platform for yourself. Your first 10 users are free forever.