Cloud Identity Platform
With Cloud Identity, users get easier and secure access on their business application and devices while administrators will get the tools they need to manage everything from a single unified location.
What is Cloud Identity?
Cloud Identity is an Identity as a Service (IDaaS) and enterprise mobility management (EMM) product. It offers the identity services and endpoint administration that are available in G Suite as a stand-alone product. As an administrator, you can use Cloud Identity to manage your users, control access, apps, and devices from a central location—the Google Admin console. With Cloud Identity, employees or users get simple, secure access on their business apps and devices while administrators get the tools they need to manage it all from one unified location.
Cloud Identity editions :
Cloud Identity Premium edition offers a more robust set of identity services encompassing enterprise security, application management, device management, network management services, etc. These services include user provisioning in an automated process, application whitelisting and rules for monitoring mobile device management.
Cloud Identity Free edition includes basic mobile management, basic inventory etc. It provides free, managed Google Accounts to users who don’t need G Suite Services, such as Gmail or Google Drive. This free version of Google Cloud versions is applicable for up to 50 users. Beyond that this service has to be availed with charges.
Cloud Identity accounts could be used with other Google services, such as Google Cloud Platform (GCP), Chrome, Android enterprise, and a large catalog of third-party applications.
If you're a G Suite admin --
You need to note that using Cloud Identity G Suite licenses are not mandatory. An admin can only provide the G-Suite licenses to the required users only who needs G Suite services. To manage users who don't need G Suite, admin can create free Cloud Identity accounts for them.
In most cases, Cloud Identity Free edition users have the same identity services as G Suite users, such as single sign-on (SSO) and 2-Step Verification (2SV).
If you're a GCP admin --
This Cloud Identity is very much helpful for working with GCP. It gives an awesome integration of GCP with Cloud Identity Platform. If the developers in an organization use unmanaged accounts to use GCP resources, you can create Cloud Identity accounts to manage these users. Unmanaged accounts refer to the consumer accounts (like personal Gmail accounts or consumer accounts with work email IDs) are outside of your control of Gsuite.
You can create free Cloud Identity accounts for each user, separate from paid G Suite accounts. By doing so, users of your entire domain could be managed from G-Suite admin Console.
Administrator controls summary :
Here are the listed features of Cloud Identity that are implemented with various services of Admin Console :
Enforce screen locks or passcodes to secure devices.
Wipe devices remotely.
View and search for devices and export details to a CSV file.
Whitelist recommended applications and make them available for users to install.
Manage company-owned devices.
View events for mobile devices.
Define rules to automate mobile device management.
Create work profiles on Android devices to separate work and personal data.
Create and manage users.
Create and manage groups.
Create and manage Groups for Business.
Assign admin roles and privileges.
Custom admin tools can be built using the G Suite Admin SDK.
Sync Microsoft Active Directory and LDAP directories with Cloud Identity.
Apart from 2 step verification, other security keys are also implemented.
View and manage user security settings.
Session length can be set for domain and after which they will be signed out.
Monitor password strength.
Google security center.
Self-service password recovery.
Chrome browser management.
SSO and automated user provisioning
Set up SSO for cloud apps.
Automate user provisioning across cloud apps.
It helps to assess domain's overall exposure to data breach and discover which particular users tend to security risks.
Fetches all the data from the Security, Apps Usage Activity, and Highlights pages in a single master report.
View logs of admin activity.
See overviews of key metrics and trends in your G Suite domain.