IT admins often ask us, “Can I replace AD with Google Cloud Identity?” It’s a logical question, given that modern IT organizations would like to eliminate the majority of their on-prem infrastructure in favor of cloud alternatives like G Suite, Google Cloud Platform (GCP), and Google Identity-as-a-Service (IDaaS).
Well, we hate to be the bearers of bad news, but Google Cloud Identity is not a viable alternative to Microsoft® Active Directory® (AD). Fortunately, a new solution called JumpCloud® Directory-as-a-Service® has emerged that can function as an Active Directory as a service alternative.
Why Replace Active Directory?
Active Directory has been the core identity provider in IT organizations for almost two decades. First introduced in 1999, AD was designed to provide user and system management capabilities for on-prem networks of Windows® based IT resources, which were dominant at the time. Examples of the these Windows based IT resources include on-prem applications and services like Office®, Exchange®, Windows File Server®, and more.
Google Apps (now called G Suite) was a direct aim at replacing these types of on-prem Microsoft resources. However, interestingly, Google has not tried to replace Active Directory. In fact, Google has developed a number of tools, such as the Google Apps Directory Sync (GADS and now called Google Cloud Directory Sync), that are designed to complement AD.
So, with the introduction of Google Cloud Identity, IT admins want to know if Google is now attacking AD directly. As mentioned, the short answer is no. Instead, Google Cloud Identity is their approach to centralizing Google hosted identities across their services. Google took this approach because they haven’t had a user management system that cuts across all Google apps and services. With Google Cloud Identity, that is now possible.
Well, that’s all well and good for Google. The issue is that IT organizations are looking for a comprehensive cloud replacement to AD that cuts across virtually any IT resource, including Google services. They are not interested in another siloed management tool that must be managed in addition to managing (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/can-replace-ad-google-cloud-identity/