With Google’s recent acquisition of Bitium, does that mean that Google is ready to pit their Identity-as-a-Service (IDaaS) platform against major players in the SSO space such as OneLogin? The Bitium acquisition is reason to speculate that Google identity management services may be prepping to be a full on competitor to Okta, OneLogin, and Ping Identity. While Google’s conventional approach to IDaaS has dabbled in web application single sign-on, with the acquisition of Bitium, they are signaling to the market that they are a fully fledged first generation IDaaS player for web SSO: Google vs OneLogin and the rest.
So, let’s take a look at how the IDaaS market has transformed into what it is today. Then we can best understand what the future of Google’s IDaaS strategy is and how it compares to OneLogin’s offering.
IDaaS Market comes back to LDAP and Active Directory
When did Identity-as-a-Service first come into existence? We would argue that the seeds for the IDaaS market first began about 20 years ago when Tim Howes and his colleagues at The University of Michigan created LDAP. At the time, new resources like the internet and computers had trouble supporting LDAP’s heavy counterpart – the X.500. So, Tim created the Lightweight Directory Access Protocol (LDAP), a protocol that computers and the internet’s bandwidth could support more easily. This prompted the creation of two widely used directory services – Microsoft Active Directory® and OpenLDAP™. As on-prem Microsoft resources like Microsoft Windows, Office and Exchange became a staple among enterprise organizations, Active Directory quickly became the preferred directory service because of how well Microsoft resources integrated with Active Directory.
Then in the mid 2000’s, IT environments experienced significant change. Web-based applications, cloud infrastructure, and cross-platform environments began to overturn traditional Microsoft workplaces, and Google had no small hand in many of these changes. Gmail allowed IT to get rid of their on-prem Exchange server, and G Suite has become a reputable alternative to Microsoft Office. But, Microsoft wasn’t ready to relinquish its hold on the enterprise market, so they made it difficult to connect Active Directory with these new IT assets. IT found themselves losing visibility and control over their environment, so web-app single sign-on providers like Okta and OneLogin stepped in. These first generation IDaaS platforms would sit on top of Active Directory and connect AD identities to web-based applications.
Google IDaaS vs OneLogin
As Microsoft worked to keep their hold on the enterprise market, Google’s suite of services from G Suite to Google Cloud Platform gained traction in the IT world, and Google IDaaS emerged. But, Google’s approach to identity management has largely been focused on user management for their Google products. A Google Cloud Identity could be leveraged for G Suite and Google Cloud Platform, and now that Google has acquired Bitium, a Google Cloud Identity can also be leveraged to access web applications via SAML and OAuth. This could have some pretty big implications on web-app SSO providers like OneLogin and Okta. OneLogin has been around in the IDaaS market for a while, and for the most part their main competitor has been Okta – the behemoth in the space. Now, OneLogin has an even larger competitor to worry about in Google IDaaS.
The good news for IT organizations that leverage G Suite is that they will likely benefit by not having to purchase an additional web SSO solution such as OneLogin or Okta. G Suite directory will now function much like Azure Active Directory which is essentially a user management platform for Azure and a web application SSO solution. The move by Google was less about competing with Okta and OneLogin, but more about competing with Azure AD. The byproduct for IT organizations is that they no longer need Okta or OneLogin. So, they can eliminate Okta or OneLogin, but is Google’s acquisition of Bitium enough for IT admins to eliminate Active Directory from their infrastructure? As IT organizations shift to the cloud and leverage solutions such as Google IDaaS, they end up finding out that Google IDaaS and Azure Active Directory aren’t a replacement to Active Directory. So still, these organizations have one foot in the cloud and one foot on-prem.
Move the Core Identity Provider to the Cloud
The solution to this issue is to leverage a third party cloud identity management platform called Directory-as-a-Service®. This cloud IAM is a core identity provider from the cloud. It replaces Active Directory, but seamlessly integrates and federates identities to G Suite directory, Office 365, AWS, and much more. It’s the perfect solution for securely connecting users to their Mac, Linux, and Windows systems, on-prem and remote servers, LDAP and SAML based applications, wired and WiFi networks, and physical and virtual storage. IT can finally move both feet into the cloud and achieve widespread visibility over their environment.
For more information on our G Suite integration, consider watching the whiteboard video below. Curious about how customers are using G Suite with JumpCloud? Read Eusoh’s customer story to discover how JumpCloud can elevate your use of Google IDaaS in your environment. If you have any questions about Google IDaaS vs OneLogin, we hope you’ll reach out to us. We also encourage you to start testing our G Suite integration by signing up for a free account. Your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud