Google Cloud launches Cloud Identity as standalone service

Cloud Identity is built on Google's BeyondCorp security model and previously sat within G Suite. The company is also moving to be more of an Okta competitor.

Google will offer its cloud identity tools--based on a security framework called BeyondCorp--as a standalone tool with one console and platform to manage users, devices, apps and access.

The technology behind Cloud Identity was used within G Suite, but is now being broken out on its own, said Karthik Lakshminarayanan, Product Management Director at Google Cloud Platform.

BeyondCorp is a security model that assumes that there is no perimeter to the enterprise. Tools like VPNs and trusted corporate networks worked for years, but once companies have to collaborate with customers and partners as well as contractors, the traditional model breaks down.

The BeyondCorp model, cooked up by Google in 2011, has the following tenets:

  • Trust no network.
  • Every request to applications or data must be encrypted, authenticated and authorized.
  • Every application and API is on the Internet.

Google's BeyondCorp approach is being used in Google Cloud Platform's Cloud Identity service, which was launched at Google Cloud Next in London. "We've had a lot of success internally with the model and we've received good feedback from customers, but they wanted to use it (Cloud Identity and BeyondCorp) throughout the organization and as a standalone product," said Lakshminarayanan.


Lakshminarayanan also said that Google Cloud Platform will launch a beta of Cloud Identity for Customers and Partners (CICP) to handle identity and access management. He said the service will let developers focus on their apps by using a drop-in custom authentication service.

To complement Cloud Identity, Google Cloud Platform is launching LDAP-as-a-service to cover on-premises and cloud applications. The service will roll out in "coming weeks" and be aimed at traditional tools such as Microsoft's Active Directory as well as wares from Google partner Okta.

"We believe this is a federated world. We respect our partnership with Okta and customers can use Cloud Identity depending on whatever they want to use us for," said Lakshminarayanan.