Setup and user management
There's a setup guide to get you started on Google Apps which walks you through things like verifying the domain you're using , creating user accounts and changing your MX records to point to Gmail (you need your own domain to use Google Apps). It's mostly clear and simple, but the duplicated instructions and sometimes circuitous inteface make setup a very fragmented experience. Setting up the Postini spam service tells you it may take up to an hour and again you have to change the MX records to redirect mail to the Postini service and configure some settings in Google Apps email by hand - all of which should be far more automated and suggests that Google has still not fully integrated the Postini acquisition with its platform.
Office 365's Forefront Online Protection for Exchange, SharePoint and Lync Online are running by default so all you have to do is create or migrate users. You only need to configure settings if you want to use an optional vanity domain, to get finer control or if you're integrating with on-premise servers. Thankfully the guides to doing this are clear and detailed.
You can create Office 365 users individually assigning admin rights and turning on services for them at the same time - or by importing a CSV file. You can also connect to an existing on-premise Exchange server and migrate users and mailboxes, or synchronise with your Active Directory to manage Office 365 users with roles and policies the same way you manage existing users (so you can delete a user in AD and they're removed from Exchange Online). You even get PowerShell cmdlets that let you configure Office 365 from the command line.
The Forefront rules and filters are very powerful but the interface is more complex.
To create Google Apps users you can set them up one by one in the control panel or import a CSV file - but most enterprises will use the Google Apps Directory Sync to get user details from AD or Lotus Domino, which the setup guide doesn't cover. This is a one-way sync and you have to leave the tool running on your local server and make changes to users in AD and propagate them up to Google Apps. To migrate mailboxes you have to run an Outlook sync utility individually and you can't migrate distribution lists, so you have to recreate them. It's initially confusing which tools you need for synchronising and migrating different information and settings to Google Apps, especially as the help pages often refer to old tools that have been replaced.
What Google Apps calls 'groups' are merely mailing lists. To control who gets which Google services you need to set up organization units. These cover both the core offerings like Gmail and the wide range of other Google tools whose terms and conditions your business will be deemed to have accepted if users from your business sign in with their Google Apps account - so this is mainly useful for disabling access to Picasa or YouTube if you don't want to accept those terms.
If business users sign into other Google services with their Google Apps account, the business is bound by the terms and conditions, so you can block this.
There's a separate option for whether users get access to functions and features from Google Labs, which could be a new option in Gmail or a tool like Google Moderator for managing a question and answer session at a company meeting (it's unclear what happens to these tools as Google recently announced that it is shutting down Google Labs). You can also use organization units to restrict which domains users can send email to, but you can't use them to control any other settings so it's nothing like as powerful as AD groups. You can't delete an organization without moving or deleting the users first, and deleting a user gives you the choice of deleting their documents or moving them to another user.
Both Microsoft and Google promise single sign-on. If you have Active Directory and AFDS 2, Office 365 users can use their Windows login to sign on to the local network (including any business apps you've integrated with that login) and to Office 365 services. Your Google Apps sign in gives you access to all the online Google services (including services that aren't part of Google Apps if the administrator allows this). It's possible to use a SAML bridge and the provisioning API to make that work with your in-house LDAP directory and local apps, but this is far from trivial to set up and it won't work with Google desktop applications.
Winner: Office 365. Microsoft's product is easier to set up and integrate into your company's existing infrastructure.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Mary is a freelance business technology journalist who has written for the likes of ITPro, CIO, ZDNet, TechRepublic, The New Stack, The Register, and many other online titles, as well as national publications like the Guardian and Financial Times. She has also held editor positions at AOL’s online technology channel, PC Plus, IT Expert, and Program Now. In her career spanning more than three decades, the Oxford University-educated journalist has seen and covered the development of the technology industry through many of its most significant stages.
Mary has experience in almost all areas of technology but specialises in all things Microsoft and has written two books on Windows 8. She also has extensive expertise in consumer hardware and cloud services - mobile phones to mainframes. Aside from reporting on the latest technology news and trends, and developing whitepapers for a range of industry clients, Mary also writes short technology mysteries and publishes them through Amazon.