- Cloud Identity is an API for provisioning and managing identity resources.
- Is a unified identity, access, app, and endpoint management (IAM/EMM) platform that helps IT and security teams maximize end-user efficiency, protect company data, and transition to a digital workspace.
- Use a single admin console to manage user, access, app, and device policies.
- Monitor your security and compliance posture with reporting and auditing capabilities, and investigate threats with Security Center.
- Helps you enforce policies for personal and corporate devices.
- Give users one-click access to apps with Single Sign-On (SSO).
- Hybrid Identity Management
- Extend your on-premises directory to the cloud with Google Cloud Active Directory Sync.
- This will enable simpler access to traditional apps and infrastructure with secure LDAP.
- Integrates with hundreds of applications out of the box.
- Cloud Identity has free and premium editions.
- Premium edition charges your organization per month per user.
Validate Your Knowledge
Your company has hundreds of user identities in Microsoft Active Directory. Your company needs to retain the use of your Active Directory as your source of truth for user identities and authorization. Your company requires to have full control over the employees’ Google accounts for all Google services as well as your Google Cloud Platform (GCP) organization.
What should you do?
- Require each employee to set up a Google account using the self signup process. Mandate each employee to use their corporate email address and password.
- Write a custom script using the Cloud Identity APIs to synchronize users to Cloud Identity.
- Utilize Google Cloud Directory Sync (GCDS) to synchronize users into Google Cloud Identity.
- Export the company’s users from the Microsoft Active Directory as a CSV file. Import them into Google Cloud Identity via the Admin Console.