Major shifts in IAM/IAG (Identity Access Management/Governance) have been underway for some time now. The Computing Troika of Cloud, Mobile, and Social Computing creates new challenges. Different deployment models, new devices and mobile users, and more groups of users to deal with more closely are fundamentally changing the business demand for IAM/IAG. The good thing: There finally is strong demand not only from IT, Information Security, and Audit for IAM/IAG, but also from business.
However, there are also new challenges and new types of demand. The need for quickly on- and off-boarding business partners, giving access to business partner applications, managing access to the Cloud, integration of customers using various types of logins, etc. – all these are new challenges that extend the scope of IAM and IAG.
Cloud-based IAM has gone from being an emerging market offering innovative solutions, with concerns from some larger customers about the capabilities and maturity of these offers, to being an established market which now competes directly with the traditional IAM vendors. For example, in the area of federation and Web Access Management (WAM), cloud vendors offered solutions with strong capabilities for enabling single sign-on (SSO) to cloud application providers, but did not provide the same breadth of capabilities that traditional WAM products offered to protect and control access to on-premise web applications. Ping is a major player in the cloud IAM market, and its PingAccess product is clearly positioned as a replacement for legacy web access management (WAM) products.
From the KuppingerCole perspective, Cloud IAM must be complementary to existing on-premises IAM, enabling organizations to seamlessly extend the reach of their IAM to new groups of external users. Some organizations will rely fully on Cloud IAM solutions, but for most of them, it is about enhancing their existing infrastructures.
Ping Identity is an established pioneer in the market for Identity Federation and Cloud IAM. The company is highly engaged in standards initiatives, driving the development of standards in the field of IAM. Ping Identity provides three products: PingOne as a Cloud IAM solution; PingFederate as an on-premises Identity Federation product; and PingAccess as a Web Access Management solution with full support for managing Web and API-based access that is common in machine-to-machine communication such as access via mobile apps or the IoEE (Internet of Everything and Everyone).
PingAccess is a solution that specifically focuses next-generation, multi-channel access management for web-based resources, be they browser based or not. This means that it can provide seamless access control to either on-premise browser-based application such as an employee portal, or control federated access to a cloud-hosted application-as-a-service, a mobile application which uses REST APIs, or any type of resource which makes use of REST-based APIs. PingAccess is an Access Management solution which integrates with PingFederate as its authentication engine. Together with PingFederate, PingAccess provides an enterprise-grade Web Access Management solution that provides a lightweight approach for supporting more complex use cases, policies and integrations.