Google recently introduced Google Cloud Identity. It is a self-proclaimed Identity-as-a-Service platform. But what does that term really? Given all of the confusion in the identity management market, it’s important to understand the actual features and functionality at play. So what is Google Cloud Identity, really? Is it a directory service, web application SSO platform, identity bridge, or other?
In order to understand what Google Cloud Identity is, we need to be able to answer that question – along with understanding Google’s long-term goals in the cloud.
Google’s Strategy in the Cloud
Google is highly interested in attacking Microsoft® Azure® with its cloud infrastructure services. For years they have been building up G Suite to slow down the runaway train that is Office 365. Now, Google is betting that their Cloud Platform can take on Azure.
Google’s strategy against Microsoft is not recent news though. Google has been challenging Microsoft since the mid 2000’s, and has led the path in loosening Microsoft’s grip on the enterprise market. Major changes in the IT landscape only assisted Google as users started to chose Mac and Linux over Windows systems, web-based applications in addition to Microsoft Office, and IT opted for cloud infrastructure over having it on-prem.
At first, Microsoft resisted integrating these new resources with Active Directory, but then they came up with a new strategy – Azure and Azure Active Directory. It should be noted that Azure AD is not a replacement for Active Directory. The two solutions work together to create on-prem and cloud identities that are in sync and can be used to access on-prem Windows solutions as well as Azure cloud services.
Google knows that trying to disrupt Active Directory® is not in the cards for them and they don’t believe that they need to. They believe that they can bridge Active Directory credentials to Google Cloud Identity rather than have IT organizations move to Azure.
Google’s End Game with Google Cloud Identity
By bridging Active Directory credentials with Google Cloud Identity, users would only need to have one identity across all Google services including G Suite and Google Cloud Platform. Google Cloud identities would be able to access Google Apps, Google Cloud IAM, and a few, select web applications via OAuth and SAML.
The key is to also understand what Google Cloud Identity isn’t. It’s not your core, authoritative directory service to authenticate access to systems (Windows, Mac, Linux), web and on-prem applications broadly (e.g. using LDAP or SAML across a wide range of sites), cloud and on-prem servers (AWS, on-prem data centers), physical and virtual storage, and wired and WiFi networks. It’s not meant to be a True Single Sign-On™ platform.
A Cloud Identity Bridge with True SSO
There’s no doubt that Google Cloud Identity has tremendous value for organizations that are focused on Google services. The good news is that with a third party platform called Directory-as-a-Service® you can extend those Google identities to a wide range of IT services. Integrating Google Cloud identity can easily be done by either creating Google identities natively within the G Suite directory or they can be imported into Google from our cloud identity bridge.
You can also leverage the DaaS cloud identity bridge to connect Active Directory to Google Cloud Identity. With a simple installation process, IT can centralize user access to G Suite, Mac, Linux, and Windows systems, remote servers, WiFi networks, and web-based and on-prem applications.
If you would like to find out more about leveraging our virtual identity bridge, drop us a note. We also encourage you to start testing our AD bridge or our Google Cloud Identity integration by signing up for a free account. Your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud