Microsoft® Active Directory® is the most popular identity and access management (IAM) platform in the world. Introduced in 1999, it quickly became the standard identity provider (IdP) for organizations. With the shift to the cloud, IT admins are wondering if they can replace Active Directory with Google IdP.
If you are looking for a cloud IdP that still maintains a lot of the functions you are used to with Active Directory, Google IdP is not the solution you are looking for. In order to understand why, we need to take a closer look at what Google is doing and what it’s not doing.
Google has been on the front-end of the cloud transformation with their introduction of Google Apps (now called G Suite) and Google Cloud Platform (GCP). G Suite® has become one of the most popular SaaS solutions on the planet, and according to a report by Blissfully, G Suite even has the most market share compared to any other SaaS product. While Google challenged Microsoft Exchange, Windows File Server, and Office by creating G Suite, they were reticent to attack Active Directory. With the recent introduction of Google IdP, does that signal a change in their cloud identity management intentions? The short answer is no.
Can’t Replace Active Directory with Google IdP
You really can’t replace Active Directory with Google IdP because it can’t do the same things that AD can. Active Directory’s intent is to be the core identity provider for an organization and that includes their Windows systems, applications, file servers, and networks. Google’s G Suite Directory – which is effectively their IdP – is focused on being the user management platform for Google Apps and services along with a few, select web applications via SAML and OAuth.
In fact, Google actually works with Active Directory. Using Google Cloud Directory Sync (formerly called Google Apps Directory Sync) IT can bridge AD and Google IdP. Active Directory remains the core identity provider, while IT can manage user access to G Suite. However, this solution requires additional hardware, software, and integration. This is not ideal because 61% of IT teams that run G Suite are cloud-first (BetterCloud). They want to be able to completely shift their identity management infrastructure to the cloud and eliminate AD. Clearly, Google IdP is not the answer, but IT can replace Active Directory with JumpCloud Directory-as-a-Service®.
Replace Active Directory with a SaaS IdP
Tightly integrated with G Suite, this SaaS IdP is a comprehensive directory services solution from the cloud. Instead of replacing AD with Google IdP, you can make the leap to Directory-as-a-Service, while maintaining deep user management to G Suite and GCP. An OAuth based API integration provides IT admins with a single point of control to deprovision, provision, and manage G Suite users. Combined with our multi-protocol approach, this means IT admins can also manage user access to systems (Mac, Linux, and Windows), on-prem and remote servers (AWS, GCP), legacy and web-based applications, physical and virtual file storage, and wired and wireless networks. Additionally, JumpCloud’s SaaS IdP is completely cloud-based, so IT no longer has to spend time on maintaining uptime or managing hardware. By 2020, 50% of IT teams that leverage G Suite expect to run 100% of their IT infrastructure in the cloud, and now they can do that securely and efficiently with a cloud identity management solution.
Find Out More about How to Replace Active Directory
If you still have any questions about why you shouldn’t replace Active Directory with Google IdP, please reach out to us. We’d be happy to walk you through why our cloud IdP is an Active Directory alternative. You don’t have to just take our word for it though. Sign up for a free account, and test our cloud-based directory service for yourself. All of our features are available, and your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud