Google vs. Microsoft Workspace

Avocados are never perfectly ripe to eat, Nintendo games will never be released on other platforms and the way people do their daily work is changing. ‘Resistance is futile’. We have to accept the everlasting search for efficiency and convenience from end-users, employees and IT-vendors. We are at a point in time where employees and/or companies don’t want to buy and manage their own back-end hardware and vendors want to commit users and contracts to them. Insert concept: Cloud computing.

Every company that thinks about moving to the cloud automatically thinks about the obvious path to get started: Office365. But to elevate Office365 you will need Azure Active Directory. And to fully benefit from the tons of features that Microsoft has to offer, you need Windows 10 and Intune and…. Before you know it Microsoft has you in a tighter headlock than Hulk Hogan had his opponents in the good old days. Don’t get me wrong, I love the Microsoft365 product suite. Just don’t jump to conclusions without at least considering other solutions. A solution completely based on Google products, for example. In this blog post I will lay down the basic principles of a Google Workspace by comparing the different elements to their Microsoft counterparts.

Products side by side:

| Google | Microsoft | Description |
|---|---|---|
| Google Cloud Platform | Microsoft Azure | Cloud provider |
| Cloud Identity | Azure Active Directory | Identity provider |
| Chrome Enterprise | Microsoft Intune | Device management |
| Chrome OS | Windows 10 | Endpoint operating system |
| G-Suite | Office 365 | Workspace applications |

The products are not completely interchangeable of course. But the components described are needed to provide a similar service.

Cloud Provider

Both Google Cloud Platform (GCP) and Microsoft Azure (Azure) are key players as third party cloud providers. Both offer roughly the same services (like compute, applications, containers, SQL instances), but offer them under different names. There are differences between GCP and Azure. Azure provides more options for global working, high availability or disaster recovery because of its availability in 54 geographic regions and approximately 162 availability zones, where GCP has 20 regions and 61 zones. In terms of pricing Google Cloud provides more flexibility than Microsoft Azure.

In this blog we focus on a basic hybrid workspace environment where all data resides on premises. Apart from the identity providers that run on the public cloud we do not have any other dependencies with a cloud provider in this setting.

Identity Provider

Let’s face it, you have Microsoft Active Directory (AD) as the default identity provider in your on premises domain. It is an IT-infrastructure standard. Microsoft benefits from this default setup with Azure Active Directory. By syncing your on-premises AD to the cloud, with Azure AD Connect, the identities of your employees are immediately known within the complete Microsoft chain. This makes features like Single Sign On to Office 365 a piece of cake.
Google works with its own identity: Google accounts. But no need to get scared now. It is possible to link an on-premises Active Directory account to a Google account. In fact, under the hood Microsoft does the exact same thing. Microsoft syncs an on-premises AD account with a standalone Azure AD account with the same name. Instead of the Azure AD Connect tooling that Microsoft uses, Google relies on Google Cloud Directory Sync (GCDS) to make AD users known to the Google services.

Device Management

You can run environments without any device management tools, but nowadays that is not recommended. If you want tight security and control over who and what enters your domain, device management is mandatory.

Chrome Enterprise allows you to set and enforce over 300 security and configuration policies on endpoint devices. This includes features like: restricting sign-in, blocking applications based on permissions, remotely disabling devices, enrolling devices, managing remote access and single sign-on, tracking devices and users, restricting or requiring web apps and browser extensions, and many more.
Microsoft Intune focuses primarily on enrollment, device compliance and conditional access. All other settings (and many, many more) can be found in the Office365 admin portal or in Azure Active Directory. Just another example that to fully benefit from the services you have to use multiple components of the suite.
The key takeaway with device management is that both Microsoft and Google provide a form of conditional access, a feature that is essential in a modern workspace.

Workspace Applications

We focus on the Office suite and the G-Suite here assuming any other line of business application is SaaS or virtualized. It is the year 2020 after all.

| Google G-Suite | Microsoft Office 365 | Description |
|---|---|---|
| Docs | Word | Word processing application |
| Sheets | Excel | Spreadsheet application |
| Slides | PowerPoint | Slideshow application |
| Gmail | Outlook | Mail application |
| Google Drive | OneDrive | Cloud storage |
| Hangouts | Teams | Collaboration application |

The Office suite can be locally installed on a device. This is not the case with G-Suite. G-Suite is always presented to the end-user from a web browser. That is a component to consider when designing your workplace. G-Suite documents can be read and edited offline though. You can turn on offline access to resources in the Google Admin Console, which is recommended by Google. With this setting a document can be opened, edited and saved to the local hard drive. When the internet connection is restored the file is synchronized with the cloud again. Both suites are fine and hold the basic functionalities to let employees do their daily job for 90% of the time, although Microsoft Office is seen as an industry standard by a majority of the companies. That is an excellent selling point for Office365. However, I recommend checking your functional demands against the possibilities and functions of G-Suite. You might be surprised what you see.

Endpoint devices

The difference between Google and Microsoft from a device point of view is not made with mobile devices. Both support Android devices as well as Apple devices. But when we look at laptops, desktops and thin clients you have an important choice to make.

In a Microsoft scenario you are not limited in your device choice. As long as the latest release of Windows 10 is the operating system, a good user experience is guaranteed (to the maximum capacity of the device’s hardware). Google chooses to limit your device choice to Chromebooks (laptops) and Chromeboxes (small form-factor PCs). These devices have Chrome OS as their operating system. The main difference between traditional endpoints (Microsoft scenario) and Chrome OS devices is that Chrome OS devices primarily support web applications. About 99% of the work done on a Chrome OS device is browser based. This has its pros and cons. A Chrome OS device is often cheaper than a traditional endpoint device because it does not heavily rely on its hardware. The most important aspect of such a device is the connection to the internet. But then again, in use cases with a bad or no internet connection available a Chrome OS device is pretty much useless.

Conclusion

With an on premises Active Directory your IT-infrastructure for a workspace will roughly look like this:

Microsoft based:

Google based:

To create a perfect mix between security and usability you have to choose either the Microsoft or the Google way of working. Both suites are good at what they do, but only deliver a solid solution based on the use of their complete workspace suite. Having Active Directory on premises is not a deciding factor in the process of choosing your cloud-based workspace. The choice is based on applications and endpoint devices. For example: the Google suite could work brilliantly at a school with a focus on collaboration and cheaper hardware, where the Microsoft suite is better suited to a global financial environment where users heavily rely on Office365 products and a free choice of endpoint hardware. It all depends on your organization’s functional requirements for your ideal working environment.

2 thoughts on “Google vs. Microsoft Workspace”

  1. I agree with you to some extent. If you look at hardware, it is only a viable option when current hardware is out-dated/out of support. Google only uses their own pre-approved hardware vendors, but these aren’t always readily available. Besides hardware availability, what about data compliancy and governance, can Google support a geo location and fallback location within e.g. Europe? This is most often a dealbreaker when looking at GDPR.
    A lot of companies rely on legacy software, can Google support these? e.g. Containers, Kubernetes etc? With M365 WVD you can run (to some extent) legacy software!

    1. It is just like I mentioned in the blog post. Microsoft has become a standard in the industry. And that’s fine. They totally earned it. But it doesn’t hurt to look beyond Microsoft. Google can meet customer requirements like custom locations to store data if desired in a GDPR strategy. And containerized VMs and the Kubernetes engine in particular are highly developed features within GCP. Google services are just lesser known than their Microsoft counterparts. It’s fun to compare the two and see the similarities as well as the differences.
