I guess one way to protect yourself from this would be to use another IAM solution for SSO login to Google Workspace, but is there any reasonable choice for small businesses other than Entra ID or Okta?

There's always Keycloak, which you can roll out yourself. It's not trivial but it's quite doable.

Instead of Keycloak, I would recommend giving Kanidm a try: It's much more lightweight and covers most of what you usually need (one notable exception being SAML).

https://github.com/kanidm/kanidm

Thanks for the pointer, https://news.ycombinator.com/item?id=47649354

edit: looks like there are affordable managed hosting providers for Keycloak.

I was a long-time k8s skeptic, but I think it's solid now. If there's good support for Keycloak on k8s with support for backups, I wouldn't think twice.

Not sure of the state of Keycloak now, but it was a lot of work to manage Keycloak configs with the IaC pipeline. That could have gotten better now, but I think having access to the data is important because migration might not be trivial if, for instance, a provider starts acting up.