Veolia(Today’s post is Herve Dumas, Group Chief Technology Officer and Philippe Benoit, SATAWAD Project Manager for Veolia, Paris, a global residential, water, waste and energy management company) is using Google Chrome Enterprise, Chromebooks and G Suite to support its “anytime / anywhere” program and reduce security risks and IT management.
How do you empower nearly 170,000 employees across five continents? Provide them with tools that allow them to work when and where they need to get the job they need. That’s when we started transforming our end-user computing strategy in 2013.
By then, we were running 250 communication platforms all over the world. Workers were relying on tools to create documents, slides and spreadsheets, and were struggling to share files with other countries, or between departments, for example. Our IT teams spent 80 percent of their time managing technology infrastructure. And we were concerned about maintaining security for a wide variety of systems.
At the same time, we needed devices and applications that gave employees more flexibility. Many in the field work on water, waste management and energy projects to keep us close to our customers and operations. Others go to regional offices or Paris headquarters. They needed all the tools that allowed them to work wherever they were working, without being attached to a desk or device.
As a result, we launched SATAWAD, our “secure job, anytime, anywhere, on any device,” to empower our employees to be cloud staff. Our first step was to replace most of our 250 systems with the G Suite for the entire workforce and start rolling out Chromebooks to all our employees. We immediately saw the benefits. Sharing and cohesion have become new normal, which is great because teamwork is a huge priority for Veolia. Now, a Brazilian engineer can send a spreadsheet to a project manager in Paris, without having to worry about version control or the software its partners use. Entire global teams can now collaborate on documents.
Hangouts Meet also broke down barriers that hindered collaboration. Before G Suite, video conferencing was almost never done at Veolia, we didn’t have the technology people could use without asking for information. Now with Hangouts Meet, it only takes a few clicks for colleagues to collaborate face-to-face. The culture of Veolia has been amazing, bringing our global organization closer together. We currently have an average of more than 80,000 video Hangouts per month.
But switching to cloud-based productivity applications was only part of the solution for us. If we want to really embrace our employees working in the cloud, we should give them devices that were native and flexible. That’s why we accepted Chromebooks. They integrate with the G Suite, so employees can use favorite apps like Google Drive or Hangouts Meet and give employees the flexibility to work anywhere and safely.
Unlike our previous laptops, Chromebooks launch quickly and run updates transparently in the background. They also include many layers of security outside of security, including virus protection, to reduce risk and remove additional end-protection software.
Safe browsing is maintained through sandboxing and native encryption by design is required with zero effort required by our staff. In addition, we have the only console to safely manage all of our company profiles worldwide. As a result, our IT teams spend many hours managing their devices and updating their software.
With nearly 3,000 employees deploying our Chromebooks and gathering their feedback, we are nearing the end of 2019 for our nearly 170,
The biggest thing is that our employee is really connected. Currently, Ecuadorian water systems engineers can work with financial managers in Paris, though thousands of miles and several hours are separated by site. Our staff is increasingly looking forward to working with colleagues from around the world, not just some tables.
Get more out of Google Identities
When you use Google’s tools for all your needs, when they decide to remove a popular feature, you have no choice but to look for another remedy. If you have to find many alternatives, it will be difficult to manage your users and their many identities.
The trick is to try and use Google identities more than Google. This means using resources such as web and legacy applications, macOS devices, VPNs and more. Unfortunately, there is not much power to make this happen. All you can do is end up protecting your choices in IT resources unless you find a vendor-neutral alternative. AWS® and Azure® both allow access to their services with Google Cloud Identities, but there are restrictions that limit their functionality. Ultimately, every business wants to lock you in, so creating a seamless identity that works across each vendor remains the dream of finding the right solution.
For a combination of the above reasons, an organization may decide that this is the last time to move from the Google Cloud Ecosystem. But Google hasn’t been that easy. In many cases, cloud providers do not easily transfer their solutions; they want to be in their ecosystem.
Google Cloud Can’t Be Your Individual Platform
When you use Google Cloud Services, you manage identities with Cloud Identity. The problem is, Google Cloud Identity does the same. If you need to manage systems such as Windows®, macOS®, and Linux®, you are required to add another solution. That said, Google Cloud Identity Premium does offer some mobile device management (MDM) capabilities, but it also provides systems, users, and in-depth management for Windows, MacOS, and Linux.
Keeps You On-Prem
Sounds contradictory, doesn’t it? As a cloud platform, you believe that you will be left with the tools and solutions you need. But what if you are syncing your identities from Active Directory (AD) to Google Cloud? It is likely that Google Cloud will provide all the features you need if you do not associate with AD. Syncing identities between AD and Google Cloud also requires an additional server.
Don’t get stuck
As mentioned before, the trick is to use a unique identity to get as many resources as possible. Instead of locking in one vendor, use a solution that is able to extend your identities to all the resources in your environment:
- Systems (Windows, Mac, Linux)
- Apps face-to-face or in the cloud
- File servers and other infrastructure
- Networks via RADIUS
- In addition, the same solution should allow you to:
- Manage your system security settings
- Manage SSH keys
- Apply MFA to as many resources as possible
Streamline packing / offboarding
For organizations eager to implement a comprehensive solution for all vendors who want to use it, check out JumpCloud® Directory-as-a-Service®. JumpCloud provides IT administrators with a single location for any user management resource, and do so without collecting or redistributing your data. Additionally, you can import all of your G Suite users to JumpCloud, and you can dump these identities into almost any resource in your environment.
If you’re worried about being locked out of JumpCloud, using any service that you think may be of benefit to your organization is free. Having an identity with JumpCloud “locked” is not a thing locked in Google. JumpCloud can use this identity for all your resources and infrastructure now and in the future. JumpCloud centralizes your entire identity management approach, silencing Google.