IT admins that are leveraging G Suite often ask a simple question: “Can Google Cloud Identity replace Microsoft Active Directory®?” As more IT organizations move to the cloud, the question around the shift from on-prem identity management to cloud IAM (identity and access management) has been coming up more and more frequently. Unfortunately, the Google Cloud Identity vs Active Directory question is not a simple one.
Google Cloud Identity
The question actually extends into “What does an organization need?” Google Cloud Identity isn’t really a product, it’s more of a concept on how Google views cloud identity management. Additionally, even this concept is limited to just Google services such as G Suite and Google Cloud. One feature Google Identity Services does have is the authentication of users to a few, select web applications via Google identities and the authentication protocols OAuth and SAML. That can work for your organization if you aren’t worried about controlling user access to your systems (Windows®, Mac®, Linux®), on-prem or cloud servers (e.g. AWS®, Azure®, your own data center), on-prem applications or those web applications not covered by Google authenticator, and your WiFi or wired networks.
Essentially, if you are just interested in user management for Google Apps and Cloud, then their concept of Google Identity Management could work well for you. If you are interested in using Google Identity Management as a cloud directory service, then that’s really outside of the scope of their cloud IAM solution.
The directory services area is where Active Directory has typically come in. Most organizations are looking for a central user management platform such as a directory service, and Active Directory has been playing that role for on-prem IT networks for almost two decades now. For Windows-based systems and applications, Active Directory can easily serve as the core directory.
The catch with AD is that as soon as you add the cloud and non-Windows platforms or applications, it becomes more of a struggle to integrate everything together. Now, organizations that made the shift to Google’s G Suite or Cloud (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/google-cloud-identity-vs-active-directory/