All Research
Leadership Compass

Why don't you like this?

I like this
I don't like this

Identity Governance & Administration 2021

Richard Hill
Please note that a newer version of this paper is available, published on November 25, 2022. You might want to check it out instead.
The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. This Leadership Compass will give an overview and insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

1 Introduction / Executive Summary

Identity Governance and Administration (IGA) combines the traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG) markets. While many vendors today offer combined capabilities to qualify as IGA vendors, a few, especially the new entrants, provide either Identity Lifecycle Management (ILM) or Access Governance capabilities to cater to specific needs of the organizations.

The IGA vendors differ in the depth and breadth of functionalities offered and thus can be classified as either provisioning or governance focused. This KuppingerCole Leadership Compass provides an overview of the IGA market with notable vendors and their products or service offerings in the market.

From our interaction with organizations of varied IAM maturity across the industry verticals, we note that while some are still looking for an Identity Lifecycle Management solution with limited or no Access Governance capabilities, many others demand a strong Access Governance solution. The latter is mostly the case when organizations already have Identity Lifecycle Management in place or when their starting point is Access Governance. One of the adoption patterns we have observed in the market is where fulfilment through Identity Lifecycle Management is achieved via a managed service, and Access Governance is run by and within the organization itself to retain absolute control over governance functions. There are several other adoption patterns witnessed in the market where customer's immediate requirements are limited to either Identity Lifecycle Management or Access Governance but do not demand an IGA solution. In most other cases where there is a need for both, IGA products are preferred over provisioning or governance 'only' solutions to achieve the desired mix of capabilities. This is generally true for greenfield IAM implementations that have a need for both Identity Lifecycle Management and Access Governance capabilities. It is important that organizations scope their IGA requirements well before starting to evaluate IGA products that differ in the strength of IGA functionalities making most of them better aligned for either provisioning or governance focused deployments.

Based on the adoption trends, changing customer priorities, and deployment patterns, we decided to center on Identity Governance and Administration holistically to help security leaders identify relevant IAM market segments and subsequently shortlist the most appropriate technology vendors based on their immediate IAM priorities. In this Identity Governance and Administration Leadership Compass, the primary focus is on the vendors that offer both Identity Lifecycle Management and Access Governance capabilities, either as a common product or separate but integrable product components to deliver capabilities across the IGA spectrum.

This IGA Leadership Compass is complemented by two other Leadership Compass documents - LC IGA for SMBs (small and midsize businesses) that identifies and focuses on functional and operational IGA requirements of SMBs that are different in both objective and magnitude than large organizations. The other Leadership Compass is LC IAM Suites that focuses on comprehensive IAM suites and evaluates vendors for their completeness and functional depth of IAM portfolios to include core and even adjacent IAM capabilities such as Privilege Management, Enterprise SSO, Identity Federation, Web Access Management, API Gateways, Fraud Detection and Prevention etc. in addition to IGA as an integrated offering.

With these various LCs, we aim to provide CISOs and security leaders responsible for IAM the most practical and relevant information that they need to evaluate technology vendors based on the specific use-case requirements, whether these are IGA-driven, provisioning focused, governance focused, focused on comprehensive IAM suites or a combination of these.

1.1 Highlights

  • This Leadership Compass evaluates over 20% more IGA product vendors over the previous year.
  • The IGA market is growing, and although maturing it continues to evolve.
  • IGA is essential to business as a strategic approach to ensure overall IT security and regulatory compliance.
  • The level of identity and access intelligence has become a key differentiator between IGA product solutions.
  • Automation is a key trend in IGA to reduce management workload by automating tasks and providing process workflows.
  • Leading IGA vendors are increasingly focusing on supporting interoperability with other products and services through the provision of secure APIs.
  • The Overall Leaders are (in alphabetical order) Avatier, Broadcom, EmpowerID, ForgeRock, Hitachi ID, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
  • The Product Leaders (in alphabetical order) are Avatier, Beta Systems, Broadcom, EmpowerID, Atos (Evidian), ForgeRock, Hitachi ID, IBM, Ilantus, Micro Focus, Omada, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
  • The Innovation Leaders (in alphabetical order) are Avatier, EmpowerID, ForgeRock, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
  • Leading vendors in innovation and market (a.k.a. the "Big Ones") in the IGA market are (in alphabetical order) EmpowerID, ForgeRock, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, and SecurID.
Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 600+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package
Table of Contents
1 Introduction / Executive Summary
2 Leadership
3 Correlated View
4 Products and Vendors at a Glance
5 Product/Vendor evaluation
6 Vendors to Watch
7 Related Research
8 Methodology
9 Copyright

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use