1 Introduction / Executive Summary
Identity Governance and Administration (IGA) combines the traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG) markets. While many vendors today offer combined capabilities to qualify as IGA vendors, a few, especially the new entrants, provide either Identity Lifecycle Management (ILM) or Access Governance capabilities to cater to specific needs of the organizations.
The IGA vendors differ in the depth and breadth of functionalities offered and thus can be classified as either provisioning or governance focused. This KuppingerCole Leadership Compass provides an overview of the IGA market with notable vendors and their products or service offerings in the market.
From our interaction with organizations of varied IAM maturity across the industry verticals, we note that while some are still looking for an Identity Lifecycle Management solution with limited or no Access Governance capabilities, many others demand a strong Access Governance solution. The latter is mostly the case when organizations already have Identity Lifecycle Management in place or when their starting point is Access Governance. One of the adoption patterns we have observed in the market is where fulfilment through Identity Lifecycle Management is achieved via a managed service, and Access Governance is run by and within the organization itself to retain absolute control over governance functions. There are several other adoption patterns witnessed in the market where customer's immediate requirements are limited to either Identity Lifecycle Management or Access Governance but do not demand an IGA solution. In most other cases where there is a need for both, IGA products are preferred over provisioning or governance 'only' solutions to achieve the desired mix of capabilities. This is generally true for greenfield IAM implementations that have a need for both Identity Lifecycle Management and Access Governance capabilities. It is important that organizations scope their IGA requirements well before starting to evaluate IGA products that differ in the strength of IGA functionalities making most of them better aligned for either provisioning or governance focused deployments.
Based on the adoption trends, changing customer priorities, and deployment patterns, we decided to center on Identity Governance and Administration holistically to help security leaders identify relevant IAM market segments and subsequently shortlist the most appropriate technology vendors based on their immediate IAM priorities. In this Identity Governance and Administration Leadership Compass, the primary focus is on the vendors that offer both Identity Lifecycle Management and Access Governance capabilities, either as a common product or separate but integrable product components to deliver capabilities across the IGA spectrum.
This IGA Leadership Compass is complemented by two other Leadership Compass documents - LC IGA for SMBs (small and midsize businesses) that identifies and focuses on functional and operational IGA requirements of SMBs that are different in both objective and magnitude than large organizations. The other Leadership Compass is LC IAM Suites that focuses on comprehensive IAM suites and evaluates vendors for their completeness and functional depth of IAM portfolios to include core and even adjacent IAM capabilities such as Privilege Management, Enterprise SSO, Identity Federation, Web Access Management, API Gateways, Fraud Detection and Prevention etc. in addition to IGA as an integrated offering.
With these various LCs, we aim to provide CISOs and security leaders responsible for IAM the most practical and relevant information that they need to evaluate technology vendors based on the specific use-case requirements, whether these are IGA-driven, provisioning focused, governance focused, focused on comprehensive IAM suites or a combination of these.
- This Leadership Compass evaluates over 20% more IGA product vendors over the previous year.
- The IGA market is growing, and although maturing it continues to evolve.
- IGA is essential to business as a strategic approach to ensure overall IT security and regulatory compliance.
- The level of identity and access intelligence has become a key differentiator between IGA product solutions.
- Automation is a key trend in IGA to reduce management workload by automating tasks and providing process workflows.
- Leading IGA vendors are increasingly focusing on supporting interoperability with other products and services through the provision of secure APIs.
- The Overall Leaders are (in alphabetical order) Avatier, Broadcom, EmpowerID, ForgeRock, Hitachi ID, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
- The Product Leaders (in alphabetical order) are Avatier, Beta Systems, Broadcom, EmpowerID, Atos (Evidian), ForgeRock, Hitachi ID, IBM, Ilantus, Micro Focus, Omada, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
- The Innovation Leaders (in alphabetical order) are Avatier, EmpowerID, ForgeRock, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, SecurID, and Simeio.
- Leading vendors in innovation and market (a.k.a. the "Big Ones") in the IGA market are (in alphabetical order) EmpowerID, ForgeRock, IBM, Ilantus, Micro Focus, One Identity, Oracle, SailPoint, Saviynt, and SecurID.