Identity security is more critical now than ever before. With identity theft and breaches occurring daily, IT organizations want to know that the solutions they choose are secure. Google’s G Suite is no different. IT admins are interested in G Suite’s approach to identity security. They certainly should be, especially after Google recently released a study where they identified “788,000 credentials stolen via keyloggers, 12 million credentials stolen via phishing, and 3.3 billion credentials exposed by third-party breaches.” So what does identity security with G Suite look like?
Before diving deeply into Google’s approach to identity security, we need to think through the overall architecture most organizations have when it comes to their identities.
Google’s Approach to Identity Management
G Suite (formerly Google Apps) is a productivity platform that is used by millions of organizations. In fact, many of these organizations have leveraged G Suite as a replacement to Microsoft Exchange, Office 365, Windows Server, and more. Unfortunately, G Suite Directory, though, isn’t a replacement for Active Directory®.
G Suite’s identity strategy – now called Google Cloud Identity – is just one part of the overall approach for organizations when thinking about identity management and identity security. Most organizations are leveraging a directory service as the source of truth and connecting that identity provider to G Suite Directory. This approach makes a great deal of sense as G Suite identities are really focused on Google Apps and connecting to a few, select web applications. The result is that thinking about identity security with only G Suite isn’t enough. Identities aren’t just used for logging into G Suite or web-based applications. Typically, an identity is also used for gaining access to systems, remote servers, file servers, and the wireless network. Google Cloud Identity doesn’t connect with these additional resources, so the overall identity security picture needs to include the core directory service and other ancillary IAM solutions, if any are used.
Google and Identity Security
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/identity-security-g-suite/