Event Recording

The Value Paradox: The 3 Inflections of IGA


Log in and watch the full video!

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package  
Awesome. All right. Well, I actually use my apple watch to time me. Oh, we have a timer also, so that's great. So let's get started. I wanted to talk a little bit about, you know, the value paradox around identity management and identity governance. I think, you know, in reflecting what, what we've been doing over gosh, almost 30 years now, it's really interesting to see some of the things that I continue to see, which I'll, I'll talk a little bit more about here as we, as we carry on, but what I wanna talk a little bit about today is what is the state of identity, you know, from a market perspective, what is the value paradox? What are the inflection points that I've seen in my time around identity governance or identity management. And also what I think is next, coming with respect to let's call it the future of identity.
So the state of IGA or the state of identity and what customers are saying to me, and I'll be really honest with you is a, is a little disappointing. There was a Gartner study just a little while ago, and it was an excellent study and it showed a lot of the reasons why people were changing, making decisions to change their identity infrastructure. And, you know, there was, you know, 10% said this 4% said this, you know, 19% said that, but the most interesting thing to me was when you just took out the numbers of the folks that said they were happy with their, with, with their implementation, as it was today, it was only 24%. So in some ways that's really surprising to me. I mean, we've been at this for a long time, yet 76% of customers are unhappy with their existing solution. Another thing, and, and also somewhat disappointing to me in talking to Gartner was their decision to retire the magic quadrant and like any vendor, you know, we, we participated in the magic quadrant for many years. And I remember speaking with the guys at, at Gartner and I said, well, what's the decision around this? Why did you wanna retire it? And they said, there's a lack of innovation. And again, that was another disappointing thing to me again, when you've, you've put your life into this, you know, you hope that three quarters of the customers aren't tossing out their software every few years, but that's, that seems to be the way we are.
So one of that, you know, just to give you one small tidbit about that, I spoke to a number of customers over the last couple of days. Now, how many of you know, how long active directory has been released for, does anybody remember? It was February, 2000. So what was that? 22 years ago? And I talked to a customer yesterday that had a problem with a vendor integrating with active directory. And I talked today with a customer who was so fed up with their vendor's integration with Azure, that it almost wanted to make me cry. I mean, if we're still at the point where we can't handle these off the shelf products, as, as we should be able to handle them, it is disappointing, but a number of things that I've seen that that really bother me, you know, that I think give pause to the value is just the, the cost and infrastructure around a lot of the identity solutions that are out there, whether they're SAS or whether they're, on-prem buying the, the virtual machines, deploying the virtual machines, monitoring the virtual machines, whether it's that, or whether it's monitoring your vendors installation and making sure that their systems are all all up and operational.
And I'm not saying that I'm any better from that perspective. When I used to work at one identity, we had to be worried about whether or not, you know, Azure instances were up or another company I was at. We had to worry about AWS instances being up all of these things, I think just add up around the cost and infrastructure for, for customers. And, and again, you know, disappointing and speaking of disappointing literally for the last 10 years, but especially over the last few years, I hear this resounding you know, kind of tide of the user experience just sucks. People have to go to a different UI, get a completely different experience, just to request an entitlement of some nature. And all of our customers are trained on this other system to request a laptop or to book an airline ticket or what have you, but the identity system is separate.
And, you know, there's just, if you, if you, if you step back and you think about what I just said, 76% of customers are unhappy. Imagine you go out and you train all of your employees on the new system that you just put in, you bring in a set of vendors, or you bring in a vendor, your favorite partner to get your system installed from that vendor. Right. And we all know that the vendor for company X is also not, is not going to be a vendor for company Y so if you throw X out and replace it with Y guess what you're doing, you're bringing in a whole new set of vendors and you're training all of your employees again in a different user experience. Again, it's just another area where I don't think we as an industry have provided the value that we should be.
And then lastly, and I think this is really important and something I'll, I'll, I'll talk a little bit more about, we've just built another silo, right? If you step up out of the basement and I hate to say it, I'll say it about myself. You guys can, you guys can be on the bridge of the, of the ship if you want. But sometimes I feel I'm down in the, in the boiler room, shoving, shoveling the coal we've, we've really created another silo within the organization. So we've got our identity silo, we've got our accounts receivable silo, we've got our internal audit silo. We've got our, you know, our accounting silo. What have you, it's just yet another silo. And again, something that has to be maintained and is separate from, in a lot of cases, what the business is doing.
So in order to sort of, I wanna set the stage a little bit around a few of these inflection points that we've had. So I can give you my thoughts about where I believe things are going. So when I first got into this business, the whole point of the product that we were selling and what a lot of the vendors were selling at the time was to synchronize email addresses between multiple different systems and then ultimately to do provisioning. So when someone started on day one, they would have their active directory account, or, you know, as I mentioned here, you know, back back in the day, CC mail, Lotus notes, you know, Dase all of those different things needed to have an account. And they were all handled by the local administrators in, in typically in house network admins and later the it departments. And the challenge was the, the days or weeks to grant access.
In fact, you know, just an interesting, an interesting factoid when we joined Microsoft and came in with the, the zoom it product, the meta directory product, and Mike, what someone mentioned yesterday, Microsoft meta directory services. What we found was that Microsoft, it would on average take between seven and nine working days to get every, someone completely provisioned. Didn't really matter for an employee. If I was sitting there and I, I, I didn't have access. It wasn't a big deal, but Microsoft and probably you guys, and like I am today, we pay contractors a lot of money. And to have them sitting around for seven to nine days was something that was justifying a purchase of a product like ours. So one of the things from my perspective is this first inflection point was all about supporting it and making the it group more efficient.
The second inflection point was a little bit different. It was a few years later, not that much further, but we started as I think a lot of you probably saw a lot of regulatory rules came in both in the United States, especially to begin with, but eventually in the EU. So there were a ton of governance products that, that, that came into play. It was also in around 2005 when we first started seeing the true SaaS products coming to market, whether it was sale point, or if you remember of vexa back in the day, those products came to life and they were being sold primarily to help with governance, to help with a lot of these compliance issues. These things that potentially people would get large fines for. There was always the threat that somebody could go to jail. It was also the time that we started to see the migration or the, you know, the rise of the SAS products, right, going from on-prem products to SAS based identity products. And they started to proliferate lots of different vendors out there selling both on-prem selling SAS products. And even today, I'm sure you guys know you can go to your favorite vendor and typically buy the on-prem version of their product or their SAS version of the product. And in most cases, those products actually don't have the same feature set. So again, a lot of complexity and a lot of cost for, for the, the, the customer, which I don't think has been returned to the customer.
One of the things we saw also at this point in time was a lot of the products being kind of thrown out as part of this process, because the on-prem products didn't really take care of SAS, the SAS cloud products very well. So yet again, another inflection point and another reason why customers wanted to migrate or purchase new solutions. And then I think this is a little bit more about where I think we're starting to move towards where we start to see efficiency and security converge to drive business alignment. And what do I mean by that again, if you cast yourself back and, and, and I don't, I hate saying things like this, because then I'm the one that's the really old person. But I remember when I use CC mail for my mail package and I used Lotus 1, 2, 3 for my spreadsheet, and I used a product called word perfect, right.
For my, my, my typing F thank you. Thank you. And every single time that you went from one of these solutions to the other, when you were at your desktop, when you were sitting at your old IBM PC in 1990, you had a different UX, you had a different button to push for help. Control V was not control V in another product, right? So this caused a huge problem with productivity, cuz your brain was context switching all the time. What do I do when I'm in CC mail? What do I do when I'm Lotus 1, 2, 3, and then we saw Microsoft come out with something called Microsoft office where all of these things were under one umbrella and the interface and the user experience and the buttons and the control V and the control X were the same across the platform. I think that was a key thing.
And I believe something is very similar, is starting to happen in the identity area. So we're starting to see best of breed, SAS applications being replaced by best of suite SAS applications. A number of people have talked about this today, just around identity. But I think we're also gonna start to see it around business platforms in particular like ServiceNow, which is the one that's most interesting to me, but others also a better UX for all those reasons I talked about before, easier to get your customers trained, easier to bring a vendor in using a business platform, reduced friction, greater visibility and quicker time to value become possible when you're based on a business platform, the challenge I find, and this goes a little bit to what Gartner said about the fact that there hasn't been any innovation is things like AI, machine learning, deep learning.
Aren't really there yet around identity. There's some great stuff being done by, for example, if you, you were listening to Alex's talk on Microsoft about a lot of the signals that they get across the platform, which, which is amazing, but in the general deep into identity, we still have a long way to go around machine learning and artificial intelligence and like everything else that needs to be part of the platform that the business is using to get the most value. And that's kind of my point here is these cloud cloud native platform, native solutions is, are what we need and they have to align with the business investments. You see, I stroked out the word tech for real, for, for an important reason here. A lot of decisions around identity have been B have been made from a technical perspective, not a business perspective and there's nothing wrong with that, but I'm starting to see more and more customers and more and more folks in the market start looking at what their business is doing from a strategic perspective to drive the digital transformation in their organization and how that ultimately is gonna affect identity.
And I do believe in this last point here on the bottom, that it's the rise of these platforms where identity sits at the center of the business platform. And I mentioned, or I've listed a few of the ones here.
So I do really believe in this statement, that identity must become part of the business, not apart from it. And I've got a, I put a few quotes up here just to sort of try to illustrate a little bit of this. There's been some acquisitions recently, this acquisition of singular key, which was all about no code identity and security orchestration, awesome acquisition yet it's no code and low code identity orchestration in a different product. What about if your, what if your company is using yet another product that does low code, no code or orchestration? How do you merge these things together while the answer is you don't? So again, you have a loss of value, Todd McKinnon at Okta when they acquired a zero great quote, he said, identity has to rise up to be one of the primary cl one of those primary clouds. And if it doesn't, it will be just subsumed into other clouds and Okta won't reach its potential. He got it, right. Identity has to be part of the cloud, not apart from it.
And you know, I love O obviously I grew up at Microsoft, but I love the fact that they've got a product called power automate and they're starting to work it across all their different applications and merging into a lot of the different parts of the platform. And ultimately it's those kind of things. When they get back boarded in quotes into identity, that's gonna provide the real value for us. And we did a little survey. I know we've got the results down at our booth if you drop by. But when we, we went out, we basically asked, I can't remember how many companies it was, but it was quite a number of companies about some of their biggest problems with identity and getting value out of identity. And interestingly enough, 50% of the, of the respondents said that user experience top the list of challenges across most of the segments, whether they were an enterprise customer, a medium sized customer or a smaller customer.
And I think again, I just think that's hugely important user experience. And all we're doing is building more identity products that have different user experiences. And, you know, back to my point about how in the old days we might use CC mail and word perfect. And, and Lotus 1, 2, 3 40 5% of the people that we surveyed expected that they would get a high productivity boost if they used fewer applications or systems as it applies to identity. And I truly believe in that again, when I talk to customers, I hear the same thing from a lot of customers over and over again, my users don't like the fact they have to go from one system to another system, you know, it's, you probably have all experienced the very same thing that I experience on a daily basis, which is how do you know how remembering what you have to do in one system versus another system. So in con in, you know, sort of as my, my conclusion to the talk here, I really do believe that what we're gonna see in the future is more customers making purchase decisions based on the business strategy of the company, as opposed to the technical strategy, what is it that they're using to drive their digital transformation? Whether it happens to be service now, whether it happens to be Azure and then wanting to build their identity foundation on that business platform as a part of the business, not apart from it.
So with that, I'll thank you for your attention. And I hope that everybody sticks around for the awards and obviously the reception and more beer.

Stay Connected

KuppingerCole on social media

Related Videos

Analyst Chat

Analyst Chat #152: How to Measure a Market

Research Analyst Marina Iantorno works on determining market sizing data as a service for vendors, service providers, but especially for investors. She joins Matthias to explain key terms and metrics and how this information can be leveraged for a variety of decision-making processes.

Event Recording

Cyber Hygiene Is the Backbone of an IAM Strategy

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day,…

Event Recording

The Blueprint for a Cyber-Safe Society: How Denmark provided eIDs to citizens and business

Implementing digital solutions enabling only using validated digital identities as the foundation for all other IAM and cybersecurity measures is the prerequisite to establish an agile ecosystem of commerce and corporation governed by security, protection, management of…

Event Recording

Effects of Malware Hunting in Cloud Environments

Webinar Recording

Advanced Authorization in a Web 3.0 World

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00