Okay, so hello everyone. Welcome to today's webinar, IGA Embracing Trends and Amplifying Core Capabilities. My name is Nitish, I'm a research Analyst at Kuppinger Code. In today's webinar we'll take a look at what is I G A, why we need I G A, what are the core capabilities of an i g solution and how can these capabilities help organizations in their day-to-day activities. We'll also take a look at some other aspects of keeping our goals such as the how we make the Leadership Compass report and also our newest tool case you can select. Before we begin, I would like to mention some housekeeping rules. First is the audio control. You all are centrally muted, so we are controlling it from here. You don't need to mute or unmute yourself. And as always with our webinars, we want to keep them interactive. So we will be running two polls during this webinar and we'll discuss the results of this poll during the final q and a session. So I would like to encourage everyone to please join in participating in this polls and cast your words. The q and a session will take place towards the end of the webinar, but you can enter the questions at any time using the C event control panel and we'll address some of the questions towards the end. And finally, we are recording this webinar and we'll make the recording as well as the slide deck available after a webinar in the coming days for your download.
So let's take a look at today's agenda. First is we'll talk about I G A and an overview and about its capabilities. Next is we'll talk about the evaluation criteria that keeping your core users to evaluate IG solutions. Third, we'll then look at the methodology of creating a leadership comp report as well as the various categories which are used for evaluating a solution. And finally we'll take a look at the KC Open Select. It's the new tool which has gone live and igs O I G page has just gone live yesterday, so we'll give you a preview of that. I would like to begin today's webinar by starting a poll. And my first question to you all is what will be the main motivation for you to upgrade or implement IG in your organization? Is it A improved security and regulatory compliance? B, automated tasks C, centralized governance visibility, or is it the improved user experience?
I think I'll give you now another 15, 20 seconds to cast your votes. You will see that in front of your screen any second now. So yeah, thank you everyone for your votes. Let's, I'm excited to see what, what are the results and yeah, we'll check that out in the final session. So let's, let's start with I G A. Why I G A is needed and what is I G A? So I g A is basically to about two main terms. First is the identity lifecycle management, which deals with creation, modification, division of identities, as well as it also deals with types of identities and target systems. And then we have the access governance part, which provides a centralized visibility to organizations and to to evaluate three main questions to ask, which is who has access to what, who has access to what and why and who granted this access.
So the I G A market combines user access provisioning and the identity and access governance market. So this is the main highlight of the solution, but how, how should you evaluate selecting an IG solution? And that starts with first identifying the core capabilities of an IG solution. And we'll start with the first one. That is identity lifecycle management and it provides all the necessary tools and mechanisms for creating, modifying and deleting of user identities. In other words, it's also known as joiner mover or leave a process. So that is included in this first core capability. Identity lifecycle management also offers inclusive support for all our interrelated events, either through the available connectors for automated provisioning and depro provisioning or use of workflows for manual intervention, management of user accounts and access entitlements across a of IT systems, including cloud-based applications is becoming increasingly popular and important requirement for identity lifecycle management as a capability in I G S solution.
Next is the policy and workflow management. Policy management deals with the tools for delivering rule-based decision making, which is based on pre-configured rules for identity lifecycle events. And these events could be such as account termination, role modification, rights delegation, S O D mitigation in that sense. And the enforcement of these policies is, is either triggered by the lifecycle of the identity or is defined by associated workflows and workflow management is concerned more towards defining the necessary actions that need to be taken in support of successfully executing certain events or making certain decisions. This includes also orchestration of tasks involved in the overall decision making process to support the business requirements. Workflow management should also allow easy customization and configuration to include common business scenarios such as approval delegations, escalations and et cetera. Third we have is role governance. Role governance refers to the capability of having control and visibility on the entire lifecycle of a role, which it starts from its inception towards the decommissioning.
In our typical role-based access control setting, the role governance monitors and tracks the key processes during the lifecycle of a role. Access request management is more about self-service user interface to the users to request access to the various IT assets that they wanna access. Now, access request management also encompasses the entire process of delivering a user-friendly approach for requesting the access. Now one example is the shopping cart approach, which is becoming quite popular for searching and requesting access to deliver better experience to user. Several vendors we have seen are using this flexibility approach for of configuring workflows to allow for modification of access requests after the request submission and before actually fulfilling based on the business process requirements.
Password management is another aspect of self-service where it allows for password resets and account recovery in passwords. Another thing that allows that password management allows is password synchronization across different IT infrastructure devices and applications. Some of the i g vendors offer risk appropriate identity proofing mechanism in case of forgotten passwords and this is on top of the already existing multiple layers of forms of authentication that the user has to go through or initiating password changes. Now, identity analytics and AI machine learning this, this is the new, you can see the trend that is emerging in IG market in the last 15, 16 months. We have seen the use of machine learning AI and overall automation on the rise. So when talking about identity analytics, it uses these machine learning techniques to derive critical information from already existing lots of data and then that helps to make and that and that it provides this information to making better decisions based on before the business.
Another thing that identity analytics and AI ML is that it also is being seen prominently in other tasks of I E G, such as automated access reviews, automated access entitlements, and even things such as correlation of identity events across this disparate systems to derive actionable intelligence. So that's the thing which we have seen in the last is that this is becoming fast as one of the things that the vendors are trying to innovate. Access certification is a key capability to gain organization wide visibility. So it this is one of the more key feature of an I G A solution and access certification allows processes and access reviews to manage attestations that users only have access right necessary to perform their job functions. Access certification campaigns also facilitate faster and accurate review of access by highlighting policy violations and permission conflicts in users access entitlements. And this is based on across multiple applications that it takes into consideration more commonly based on resource level or hierarchy requirements.
Access certification capabilities are increasingly becoming risk aware to include micro certifications based on the risk of an identity lifecycle event. Unlike certain things such as periodic access certifications, even based micro certification con is contributing significantly to continuous access governance capabilities of an organization. Next is the SS o D controls management and this refers to the controls that are important to identify track, report and mitigate S O D policy violations, which which could lead to internal fraud in organization or authorized access in. In some cases these controls are crucial to manage role-based authorization app application across applications with complex authorization models. What one thing is is that that I G A controls provide more core screened abilities to identify s o D risks than at the fine grain ment level found in other complex home applications. And for example, E R P solution key controls that are offered as part of this S O D controls management includes cross system risk analysis, compliant user provisioning, emergency access management, advanced role management, access certifications and so on, reporting and dashboarding.
This this one refers to creating valuable intelligence out of enormous amounts of data that is available. Dashboarding, it's, it's an important auditing control to monitor effective operation of IG processes. IG vendors are offering inbuilt templates for reporting with the ability to customize customize reports and suits, business auditing and reporting objective. Most vendors are also allowing for IG data export using certain specified industry stand industry formats into third party reporting analytics tool for advanced data modeling and business inte intelligence for the purpose of you can say reporting and dashboarding capabilities of I G A vendors and vendors are also vendors also trying to see if they are compliant with the major frameworks that are available in the market right now. Then is the ease of deployment that we are looking at in ease of deployment is more about how the I G S solution can be deployed on your system.
Is it and how is it delivered as well? Is it delivered in base of container? Is it delivered on a public cloud, private cloud? And so that that comes under the ease of deployment. Next is automation support. This one is similar to the AI and ML park, which we discussed earlier is using automation to, to automate these less critical task, which do not require high level decision making. Then the third party integrations is also integrated as a capability of IG solution. And finally the scalability and performance. This this relates to if the solution is equipped enough to be able to scale to the organization's needs and can it match the performance that is required.
Now that brings us to what are the activities that can be supported by I G A in an organization and that starts with first automated provisioning and de provisioning of user accounts across all the target systems. Next is management of access, entitlements and associated roles of users across all across the IT infrastructure configuration and enforcement of policies. Not just static but also event driven access policies for the accounts to access the IT systems and applications. User cell service allows users to validate their access to systems request password and and also request additional access that that can be also supported by an IG solution. And then access certification, access reviews more about supporting on demand and even driven user access certification campaign to detect and mitigate access violations. Auditing and reporting of access activities or is leading to critical information regarding servicing and monitoring and optimization is also supported.
A few more things which come to my mind other than these points is synchronization of identity attributes and access entitlements which are related to user accounts and groups across the entire identity repositories. Another one is the verification and synchronization of user account passwords and other identity attributes from an authorized event and source across the identity project. Finally, one thing which also which can be supported by IGA A is, is the reconciliation of access across the IT environment based on the defined policies to ensure compliance and compliance prevent any other policy violence violations, S O D policy violations.
Now when it comes to evaluating I GS solutions, we're keeping our call have a few set of criteria that we go through and in this segment we'll take a look at the technical requirements that we assess and write. And that starts with these eight categories that we look at when we are evaluating an IG solution. These are the technical categories. We have many other categories, categories, categories that we look at, but these are the highlight ones. The first is access and review support, where we look at integrated access governance capabilities that are sup that can support activities such as the review and disposition of user access requests, certifications campaigns, access remediations. Also something that is also looked at in the in this segment is the s O D controls to identify track report violations. So that is all part of this access and review support.
Next is the architecture and hybrid environment. And this kind category represents a combination of the architecture. Where we look at and focus on is how is the architecture, is it modern modular, how is it based on microservices? And we also take into account how is the deployment done? Is it container based which provides more flexibility or is it in some other format? Something else that is evaluated in this category is the solutions ability to support a hybrid and environment for customers that anticipate or are currently taking an intermediate step towards migrating from on-premise to the cloud. The third is the centralized governance visibility. This is the, this is we look at from your, the dashboarding capability where the OR organization can have a centralized view of all the issues related to access governance. And so that is the point which is take taken into consideration here then is the, again, identity lifecycle management.
We look at not just how the lifecycle of an identity is managed, but we also look at we some other capabilities such as access to identity store data modeling and mapping and also what kind of different activities are supported in this solution. Identity and access intelligence is about the AI and machine learning and automation aspect. Advanced capabilities such as using machine learning techniques that can enable recognizing pattern for process optimization, role mining, role design, automated reviews and anoma detection are taken into consideration here. On top of this. Other things such as user access information, user access, recommendation, authentication and authorization is also taken into consideration in this one cell ion mobile service. Mobile support is about how the users can request access. What is the overall user experience, how is the user the layout of the tool. And so that is into the more you can say the physical aspect of the tool is taken into consideration here.
Target system support, this one is about not just the depth but the breadth of the connectors that we look at. And this is for on-premise as well as SaaS. So that that is one of the critical elements you can say for an IG solution is to have good target system support. And one thing we also look at is if the solution has the ability to create custom connectors based on the requirements. And finally the workflows and automation. This one is about advanced workflow capabilities, which includes graphical workflow configurations and also up to an extent how certain tasks can be automated and which task cannot be automated. And why that now brings us towards the third point of today's webinar is the leadership compass process. The methodology and this methodology consists of four stepss starts with research where we identify the vendors get briefings, we also conduct demonstrations with the vendors, try to see how the solution works and then we also receive a technical questionnaire from them.
Using all this information, we go into the next step that is analyzing here. We analyze the vendor in multiple categories and also we are writing here the draft of the report. Third is the fact check process. In certain cases when the research was first conducted and when the report was created, it takes around one to two months of time. So in this period maybe certain vendor has had new updates in those time period. So or there are some issues or, or there has been some roadmap items which are delivered in these two months. So we, we used this fact check process for addressing this and correcting some issues if there are with the vendor writeup. And finally, once it has been gone through our internal review as well as external review, we publish this Oracle Kuppinger call.com website. Now what are these categories that we look at when evaluating vendors?
There are in total nine categories and these are the first five categories which includes the security functionality, deployment, interoperability, and the usability of the solution. That means does the product meet the security requirements? Is what are the functional capabilities of the product? Is it easy to deploy, is it to deliver? Does it interact well with other services, third party integrations and how is the overall experience when it comes to using the actual tool for the admin as well as the users. And then the final four categories are around innovation, market ecosystem and financial strength. In the innovation we look at if the vendor is making any progress in terms of providing new, new solutions, new features to the product to make it more standout or is it. And the next is the market position. Here we look at more about the vendor, how many customers the vendor has in which geographical regions are the, are the customers base in which geographical regions they are operating in, which types of industries they're operating.
So that is evaluated in the market position segment in the ecosystem. We look at their overall partners and the, and how they're spread out globally. And finally it is about we look at the financial strength of the vendor. How is the company funded? What is the revenue of the company? Has the company been profitable and what are the overall employee? How many employees does it have and what, what are its r and d plans? So it's a very, very in-depth analysis analysis of the entire vendor as well as the product using these nine categories. And once we have done with our analysis, we start rating the vendors based on these four categories. First is the product leadership. This leadership category rates the vendors based on their functionality of the solution. Next is the market leadership. This one is about seeing how the vendor ranks when it comes to when their customers, when it comes to being present globally or in certain region.
Third is the innovation leadership where the vendors are rated based on how are they delivering new and useful features for customers and how are they trying to come up with new features in the market. And F fourth is the final one, which is the overall leadership segment. So this combines the first three product market innovation leadership into one single four oral leadership category which gives overview of all the vendors. So yeah, that's how the leadership Compass Pro is created. And before we move on to the results, I want to start with the second poll. So this one is, what is the hardest part of selecting an IG solution? Is it a vast number of vendors? B, understanding the capabilities that vendors provide, is it see fixed budget, fixed budget when it comes to the vendor if they're flexible or not? Or is it the secure selecting the right vendor?
So you'll have again, another 10, 15 seconds to answer this poll. So I encourage everyone to take part in this. Alright, so thank you Aaron for your votes. We'll discuss the results very soon. We're just towards the end of the webinar. So I would like to conclude with showing you the results on how you can see the results of our analysis using the case open select tool. Now, KC Open Select tool helps you to find the vendors based on your requirements. You can configure the requirements based on understanding what, what are the gaps you're missing, what you want to add. And it's a very interactive tool. You can play around with the categories of the spy graph and shows you all the vendors who can match your requirement and also a comparison between all these vendors to help you decide which one is the best.
Of course, it finally depends on the customer to see which vendor meets the category and they should do due diligence of the vendor IG solution provider to before going ahead. And here is a quick overview of the 2022 IG report we did in that report we rated these vendors on the left side. So we had 26, 27 vendors on the, which we rated. So it was quite a big report and, but we also have a section called as vendors to watch. In this section we, we have not rated these vendors, but we believe that these vendors are really good and they're showing good progress towards having a really good solution. So now talking about the KC Open Select, once you go towards the open K KC website, you will find the open select tool. You can select for i g from many other domains such as CMM password management.
And once you have on this page, you will see these, you can see, I'll bring my mouse here. So I g solution you can, in the bottom you can see various categories such as the highlights, the market market segment definition, the considerations that you should make before moving to a solution. The use cases we have, we have used a few use ca use cases to differentiate the vendors and rate them based on these use cases. Then overall you can find all those solutions that are available by just clicking here as well as the vendors. And that brings us to, yes, so these are the use cases which I was talking about. For example, over here you can see it's about user and access as well as work service and service. Then the internal considerations include things such as product scalability to identify if you have your, you do meet the prerequisites for the technical requirements. And these are the questions which you can ask the vendor before going to the selecting a solution. So we have also listed down some questions which you can go through and see before asking the vendor. So yeah, we have just over a minute left. So I would really like to see the poll results before we go towards the end. So if we can see the poll results takes a few seconds.
Yeah, so we have the first result that is what will be main motivation for you to upgrade or implement IG in the organization. And it's a tie. It's a tie between a improved security and regulatory compliance as well as C centralized governance, visibility and complete. And based on the IG solutions that we have right now, they have reached a maturity in these states. So it completely makes sense. The evolution is coming more towards improving the user experience and automated tasks or that definitely makes sense to have as a secondary priority. And if you take a look at the second poll result, what is the hardest part of seeing an i g solution? So in that A is the leader is 15% understanding the capabilities that vendors provide that, that's why. So we would like, I would like to show you, we showed you this case open select tool which helps you to go through all the vendors, what are the capabilities, what do they help in your requirements as well.
So this is where the KCU tool comes in handy for you. So yeah, thank you for the poll results. I'll go back to my slides. I would like to end by guiding everyone to our related research section. So if you want to find more information around the topic of I G A, you can find it here. Such as example is this leadership compass report. We had the PI bias compass as well as many more reports, which you have done our own I G A solution. I'll just quickly check if we have any questions to ask. Oh, we're okay. We're about time. So I would like to thank everyone for joining today's session and I hope to see you somewhere sometime next time, again soon on a webinar. Thank you.
