1 Introduction / Executive Summary
Identity Governance and Administration (IGA) combines the traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG) markets. While many vendors today offer combined capabilities to qualify as IGA vendors, a few, especially the new entrants, provide either Identity Lifecycle Management (ILM) or Access Governance capabilities to cater to specific needs of the organizations.
The IGA vendors differ in the depth and breadth of functionalities offered and thus can be classified as either provisioning or governance focused. This KuppingerCole Leadership Compass provides an overview of the IGA market with notable vendors and their products or service offerings in the market.
From our interaction with organizations of varied IAM maturity across the industry verticals, we note that while some are still looking for an Identity Lifecycle Management solution with limited or no Access Governance capabilities, many others demand a strong Access Governance solution. The latter is mostly the case when organizations already have Identity Lifecycle Management in place or when their starting point is Access Governance. Some organizations are either looking at replacements of UAP and ILM or a IAG only solution. However, most of them want a comprehensive IGA solution, and this increasingly as-a-service. This development is the reason for combining IDaaS IGA and on-premises IGA into this one report. Following this Leadership Compass will be a separate report focussed on Access Governance/IAG, which is the only market where we, in the field, observe some companies looking for specialized governance solutions.
One of the adoption patterns we have observed in the market is a managed service achieving fulfilment through Identity Lifecycle Management, and Access Governance is run by and within the organization itself to retain absolute control over governance functions. There are several other adoption patterns witnessed in the market where customer's immediate requirements are limited to either Identity Lifecycle Management or Access Governance but do not demand an IGA solution. In most other cases where there is a need for both, IGA products are preferred over provisioning or governance 'only' solutions to achieve the desired mix of ILM and Access Governance capabilities such as for greenfield IAM implementations. It is important that organizations scope their IGA requirements well before starting to evaluate products that differ in the strength of functionalities making most of them better aligned for either provisioning or governance focused deployments.
Based on these adoption trends, changing customer priorities, and deployment patterns, we decided to center on Identity Governance and Administration holistically in this leadership compass to help security leaders identify relevant IAM market segments and subsequently shortlist the most appropriate technology vendors based on their immediate IAM priorities. In this Identity Governance and Administration Leadership Compass, the primary focus is on the vendors that offer both Identity Lifecycle Management and Access Governance capabilities, either as a common product or separate but integrable product components to deliver capabilities across the IGA spectrum.
This IGA Leadership Compass will be followed by an upcoming Leadership Compass for Access Governance. LC IGA for SMBs (small and midsize businesses) that identifies and focuses on functional and operational IGA requirements of SMBs that are different in both objective and magnitude than large organizations. The other Leadership Compass on Access Governance will be a specialized version which will evaluate vendors based on core access governance capabilities. It will not include vendors who have strong ILM capabilities. A Market Compass (MC) on IAM solutions for mid-sized organizations is in development, while a leadership compass on Identity Fabrics replaces LC IAM Suites.
With these various LCs and MCs, we aim to provide CISOs and security leaders responsible for IAM the most practical and relevant information that they need to evaluate technology vendors based on the specific use-case requirements, whether these are IGA-driven, provisioning focused, governance focused, focused on comprehensive IAM suites or a combination of these.
1.1 Highlights
- This Leadership Compass evaluates 25 IGA product vendors and over 12% new vendors compared to the previous year.
- The IGA market is growing, and although maturing it continues to evolve.
- IGA is essential to business as a strategic approach to ensure overall IT security and regulatory compliance.
- The level of identity and access intelligence has become a key differentiator between IGA product solutions.
- Automation is a key trend in IGA to reduce management workload by automating tasks and providing process workflows.
- Leading IGA vendors are increasingly focusing on supporting interoperability with other products and services through the provision of secure APIs.
- The Overall Leaders are (in alphabetical order) Avatier, Broadcom, Bravura Security, EmpowerID, Evidian, IBM, Micro Focus, Microsoft, Netwrix Corporation, Omada, One Identity, Oracle, RSA, SAP, SailPoint, Saviynt, Simeio
- The Product Leaders (in alphabetical order) are Avatier, Beta Systems, Bravura Security, Broadcom, EmpowerID, Evidian (Atos), IBM, Micro Focus, Microsoft, Netwrix Corporation, Omada, One Identity, Oracle, RSA, SailPoint, Saviynt, Simeio, ZertID
- The Innovation Leaders (in alphabetical order) are Avatier, Bravura Security, Broadcom, EmpowerID, Evidian (Atos), IBM, Micro Focus, Microsoft, Netwrix Corporation, Omada, One Identity, Oracle, RSA, SAP, SailPoint, Saviynt, Simeio
- Leading vendors in innovation and market (a.k.a. the "Big Ones") in the IGA market are (in alphabetical order) Bravura Security, Broadcom, EmpowerID, Evidian, IBM, Micro Focus, Microsoft, Netwrix Corporation, One Identity, Oracle, RSA, SAP, SailPoint, and Saviynt,