As more and more organizations leverage Google services like G Suite and Google Cloud Platform, a common question that arises is whether or not G Suite Directory is an identity and access management platform (IAM). This question is important to understand the answer to, because it defines what the true capabilities of the directory are.
Google and the Move Into the Enterprise
Google made their first move into the enterprise through the productivity suite named G Suite (formerly known as Google Apps). They leveraged hosted email as the wedge to get into organizations, and then provided a competing solution to Microsoft Office. By offering all of these services in the cloud, they were able to steal a huge percentage of the market share in this space, and have become one of the dominant platforms in the industry. Microsoft felt the pressure and responded with Azure® and Office 365®, but at that point G Suite was already established in the workplace. With over 5mm G Suite business customers, the solution is one of the biggest players in enterprise productivity platforms.
Through Google’s tool, IT admins were able to replace their on-prem Microsoft Exchange server. This was great, but many also wondered if they could also replace their Active Directory® instance with what Google was calling G Suite Directory. The idea of shifting the identity provider to the cloud is enticing for IT admins, and having it all be in one platform from Google would be convenient.
G Suite Directory Capabilities
Alas, G Suite directory can not function as a complete identity and access management platform. IT admins should think of Google’s identity management approach as a user management system for Google Apps and a few, select web applications – not a complete Active Directory replacement.
Google’s IDaaS aspirations really focus on being able to manage web and cloud solutions rather than being the complete identity provider for an organization. Their goal hasn’t been to replace Active Directory, but rather to be a complement to it. Essentially, Google’s approach is more of a variant of a cloud identity bridge – a bridge (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/g-suite-directory-identity-access-management/