The Identity and Access Management Market Landscape



Similar documents
Research. Identity and Access Management Defined

Five Business Drivers of Identity and Access Management

Use This Eight-Step Process for Identity and Access Management Audit and Compliance

Key Issues for Identity and Access Management, 2008

Gartner Updates Its Definition of IT Infrastructure Utility

Security and Identity Management Auditing Converge

How to Develop an Effective Vulnerability Management Process

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions.

Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products

Research. Key Issues for Software as a Service, 2009

Document Management: Assessing Costs and Benefits

Research Agenda and Key Issues for Converged Infrastructure, 2006

Business Intelligence Platform Usage and Quality Dynamics, 2008

Q&A: The Many Aspects of Private Cloud Computing

The Five Competencies of MRM 'Re-' Defined

Additional Tools for a World-Class ERP Infrastructure

IT asset management (ITAM) will proliferate in midsize and large companies.

Private Cloud Computing: An Essential Overview

Microsoft and Google Jostle Over Cloud-Based and Collaboration

The Lack of a CRM Strategy Will Hinder Health Insurer Growth

Eight Critical Forces Shape Enterprise Data Center Strategies

The Four "A's" of Information Security

BEA Customers Should Seek Contractual Protections Before Acquisition by Oracle

The IT Service Desk Market Is Ready for SaaS

Toolkit: Reduce Dependence on Desk-Side Support Technicians

IT Operational Considerations for Cloud Computing

Hype Cycle for Identity and Access Management Technologies, 2005

Predicts 2008: The Market for Servers and Operating Systems Continues to Evolve

Selection Requirements for Business Activity Monitoring Tools

The Hype Around an Integrated Talent Management Suite Outpaces Customer Adoption

Deliver Process-Driven Business Intelligence With a Balanced BI Platform

The Value of Integrating Configuration Management Databases With Enterprise Architecture Tools

For cloud services to deliver their promised value, they must be underpinned by effective and efficient processes.

Mainframe Modernization: When Migration Is the Answer

Case Study: New South Wales State Department of Education Adopts Gmail for 1.2 Million Students

Microsoft's Cloud Vision Reaches for the Stars but Is Grounded in Reality

Best Practices for Confirming Software Inventories in Software Asset Management

Key Issues for Data Management and Integration, 2006

Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets

Organizations Should Implement Web Application Security Scanning

Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in

2010 FEI Technology Study: CPM and BI Show Improvement From 2009

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users

The What, Why and When of Cloud Computing

Cloud Decision-Making Criteria for Educational Organizations

How Eneco's Enterprisewide BI and Performance Management Initiative Delivered Significant Business Benefits

The EA process and an ITG process should be closely linked, and both efforts should leverage the work and results of the other.

What Is the Role of Quality Assurance in a SaaS Environment?

Case Study: A K-12 Portal Project at the Miami-Dade County Public Schools

Consider Identity and Access Management as a Process, Not a Technology

Market Trends in 2002 and 2003

Now Is the Time for Security at the Application Level

The Current State of Agile Method Adoption

Tactical Guideline: Minimizing Risk in Hosting Relationships

Iron Mountain's acquisition of Mimosa Systems addresses concerns from prospective customers who had questions about Mimosa's long-term viability.

When to Use Custom, Proprietary, Open-Source or Community Source Software in the Cloud

Use These Guidelines for Making Better CRM Consulting Provider Selections

Q&A: How Can ERP Recurring Costs Be Contained?

Overcoming the Gap Between Business Intelligence and Decision Support

The Six Triggers for Using Data Center Infrastructure Management Tools

Managing IT Risks During Cost-Cutting Periods

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance

Organizations Must Employ Effective Data Security Strategies

Research. Mastering Master Data Management

Business Intelligence Focus Shifts From Tactical to Strategic

Best Practice: Having a 'Big Picture' View of IP Telephony Will Give the Buyer More Control

Integrated Marketing Management Aligns Executional, Operational and Analytical Processes in a Closed-Loop Process

Real-Time Decisions Need Corporate Performance Management

Roundup of Business Intelligence and Information Management Research, 1Q08

Recognize the Importance of Digital Marketing

An outline of the five critical components of a CRM vision and how they contribute to an enterprise's CRM success

Key Issues for Business Intelligence and Performance Management Initiatives, 2008

Gartner Clarifies the Definition of the Term 'Enterprise Architecture'

Transactional HR self-service applications typically get implemented first because they typically automate manual, error-prone processes.

Choosing a Replacement for Incumbent One-Time Password Tokens

Gartner Defines Enterprise Information Architecture

Governance Is an Essential Building Block for Enterprise Information Management

Repurposing Old PCs as Thin Clients as a Way to Save Money

ERP, SCM and CRM: Suites Define the Packaged Application Market

Cloud, SaaS, Hosting and Other Off-Premises Computing Models

Modify Your Storage Backup Plan to Improve Data Management and Reduce Cost

In the North American E-Signature Market, SaaS Offerings Are Increasingly in Demand

Dutch University's Successful Enterprise System Implementation Yields Valuable Lessons

The Seven Building Blocks of MDM: A Framework for Success

Cloud IaaS: Security Considerations

Energy savings from well-managed data centers can reduce operating expenses by as much as 20%.

Gartner's View on 'Bring Your Own' in Client Computing

How to Choose Providers for Mobile Consumer Application Platforms

XBRL Will Enhance Corporate Disclosure and Corporate Performance Management

Invest in an analysis of current metrics and those missing, and develop a plan for continuous management and improvement.

Tips for Evaluators: Better Business Intelligence RFPs

Backup and Disaster Recovery Modernization Is No Longer a Luxury, but a Business Necessity

Embrace Virtual Assistants as Part of a Holistic Web Customer Service Strategy

Key Issues for Consumer Goods Manufacturers, 2011

The Next Generation of Functionality for Marketing Resource Management

Google and Microsoft Battle for the.edu Market

2009 FEI Technology Study: CPM and BI Pose Challenges and Opportunities

EHR Advantages and Disadvantages

Case Study: Denmark's Achievements With Healthcare Information Exchange

Transcription:

Research Publication Date: 7 November 2003 ID Number: COM-21-4534 The Identity and Access Management Market Landscape Roberta J Witty Integrating identity and access management components into an overall solution is timeconsuming and costly. Choose your first component and vendor wisely; this decision can determine the success of your IAM project. Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

WHAT YOU NEED TO KNOW Identity and access management product integration costs can be from two to six times the cost of the software license fee. Reduce those costs by looking for a vendor that has an IAM product suite or has integrated other IAM vendors' products with a common identity administration facility. The vendor should assume contract management and customer support for the other vendors' licensed products that complete its IAM product suite. STRATEGIC PLANNING ASSUMPTION(S) By 2005, the complexity of integrating the components of IAM solutions will cause 60 percent of enterprises to choose product suites that are owned or licensed by, and supported through, one vendor (0.7 probability). By year-end 2004, password management vendors that don't provide user-provisioning products will go out of business (0.8 probability). By 2005, EAM vendors that don't provide enterprise identity administration functions or products, or comprehensive IAM suites (or partner solutions), will disappear (0.8 probability). ANALYSIS The component with which to start your identity and access management (IAM) implementation depends on your initial "pain point": If the help desk call volume related to forgotten passwords (such as account lockout) is 30 percent or more, consider a password management or single sign-on product. If you are implementing your first customer-oriented, browser-based application, an extranet access management (EAM) product is critical. If you have user accounts that have not been used for more than six months, and the person who is assigned to those accounts hasn't worked for the enterprise for a year, pursue a user-provisioning product. If passwords are not strong enough authentication for a business function (for example, database administrator or systems administrator access), consider a strong authentication product, such as tokens or biometrics. Once you implement the first component, choosing the next component from the right vendor is critical. Although part of this decision will depend on your next pain point, focus on how well the vendor can integrate with your IAM product implementations so that all user access not just internal or external can be managed from a common facility. Because of this growing requirement in the marketplace, IAM customers are migrating to a single-vendor or product suite approach. Although customers aren't buying and implementing all components simultaneously, they want to know that the components will work together with little integration effort when required. By 2005, the complexity of integrating the components of IAM solutions will cause 60 percent of enterprises to choose product suites that are owned or licensed by, and supported through, one vendor (0.7 probability). In addition to this product suite buying pattern, IAM customers want one-stop shopping for contract management and customer support of all underlying components. Also, in this uncertain economy, purchasing solutions in information security is risky because security vendors may fail, Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 2 of 11

merge or change direction, which leaves the buyer without support. Thus, IAM customers are looking for a vendor that will support them in the long term. IAM Market Landscape Matrix Table 1 is a market product survey of vendors and their IAM components that you can use as a guide to create or expand your IAM road map. An "" indicates that the vendor has a separately sold product for an IAM component (see "Identity and Access Management Defined"): Authorization services Directory services Enterprise single sign-on Password management User provisioning Metadirectory EAM operating system (OS), Web or database management system (DBMS) Audit Portal Application server Partnerships are noted with the name of the vendor. The list of partners represents those known at the corporate level; there may be others that are not listed here that are point or one-off partnerships done in the field for specific engagements. Original equipment manufacturer (OEM) and software licensing arrangements are noted with the OEM vendor in parentheses for example, (BL). Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 3 of 11

Table 1. IAM Market Landscape Matrix Vendor Auth. Svcs. Dir. Svcs. Ent. SSO Pswd. Mgmt. User Prov. Abridean ActivCard (ACTV) SIE ASG Software Solutions Metadir. EAM Audit Portal App. Svr. OS Web DBMS Okiok RL Okiok Systems RL Beta Systems Software BHOLD Blockade Systems (BLKD) btrst VASCO VASCO SECUDE PRG SIE WPRO HP Blue Lance BMC Software PL RL OBL BN Systems Thor Thor Consul Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 4 of 11

Business Layers (BL) Computer Associates International (CA) Citrix Systems (CTS) (Citrix product stack ) Communicator Inc. (functionality offered as a service) Consul Risk Management SLB Maw (PL) BMC Courion (CRN) OBL Critical Path, Inc. () Entegrity Solutions Entrust () -PKI PL Evidian CAL Consul PLM TIBCO Lotus/ Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 5 of 11

Hewlett-Packard (HP) Identix CRN CRN Maw RL SIE TIBCO VIGN /Tivoli () Imprivata Maware International (Maw) Microsoft () BLKD M-Tech Identity Management Solutions () Netegrity () OBL OBL (BL) PLUM NetIQ Novadigm Novell () (PROT) Oblix (OBL) ACTV PL BMC BMC OctetString PLUM VIGN Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 6 of 11

Open Systems Management Open Network () Oracle () (Oracle product stack ) PassGo Technologies Passlogix (PL) () () CTS PL -PKI () Thor -AD -SSO -Unix NEC SFLNK SLB BMC Thor () () CTS OBL PistolStar -SSO Proginet (PRG) Protocom Development Systems (PROT) Radiant Logic (RL) Security () BMC CRN Thor BL BMC CRN Thor Fisch RL SIE SYNT Secure Computing CTS PLUM Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 7 of 11

Siemens (SIE) GRD SMTR Microsystems Thor Syntegra (BT Group) (SYNT) Thor Technologies () () () TruLogica Vanguard Integrity Professionals VASCO VeriSign Vocent Solutions -voice Volcker Informatik BMC CRN (SAP) Suse Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 8 of 11

Waveset () Wipro Technologies (WPRO) Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 9 of 11

Vendor Key btrst betrusted PLUM Plumtree SUSE SUSE LINU CAL Calendra SFLNK SAFLINK TIBCO TIBCO Software Fisch Fischer Int'l Systems SLB Schlumberger VIGN Vignette GRD Guardeonic Solutions SMTR SmartTrust Source: Gartner Research (November 2003) Matrix Exclusions This matrix does not define "who has what" functionality. This doesn't mean that the functionality isn't provided in a vendor product. Because buying behavior is on a product-by-product basis, it is important to know which vendors have separate products so that you are not buying more functionality than you need. For example, password management is a common function that is provided by EAM and user-provisioning products. However, if you don't want the other functionalities found in those products, you shouldn't have to pay for them. This matrix also doesn't include the identity administration component. Identity administration is a set of functionalities available for user access management purposes across all products, and specifically for user-provisioning and EAM products (see "Identity and Access Management Defined"). Gartner believed that this functionality would evolve into its own market, given the success of Oblix's CoreID it hasn't. Many user-provisioning and EAM vendors provide identity administration functionality to manage their product suite offerings. Therefore, identity administration isn't a market. When there is a generic product offering in this area, we will consider defining it as such. Until then, consider those product suite vendors that provide identity administration functionality across their IAM component offerings. Choosing a Vendor The key components for an IAM product suite vendor are EAM and user provisioning. Other components fill out the offering, but they don't perform the bulk of the workload. Therefore, consider EAM vendors that have a user-provisioning product or strong partnership with a user-provisioning vendor, and vice versa. Many large IT vendors offer most of the IAM components, such as Computer Associates International,, Novell and Siemens. Others are entering the market with a multivendor product suite, such as Microsoft, Oracle and Microsystems. Information security vendors, such as Entrust, Netegrity, Security and Waveset, also are bringing product suites to market. There is little benefit in choosing an application platform vendor that supplies IAM components, unless you use that vendor's application platform suite for application development. In that case, look for extremely good pricing packages. To provide IAM capabilities across the heterogeneous platform environment, consider the full range of IAM product suite vendors in your initial review. Key Issues How will enterprises manage the complexity of authentication and access control in a highly distributed world? Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 10 of 11

Acronym Key DBMS database management system EAM extranet access management IAM identity and access management OEM original equipment manufacturer OS operating system SSO single sign-on This research is part of a set of related research pieces. See "The Growing Need for Identity and Access Management" for an overview. REGIONAL HEADQUARTERS Corporate Headquarters 56 Top Gallant Road Stamford, CT 06902-7700 U.S.A. +1 203 964 0096 European Headquarters Tamesis The Glanty Egham Surrey, TW20 9AW UNITED KINGDOM +44 1784 431611 Asia/Pacific Headquarters Level 7, 40 Miller Street North Sydney New South Wales 2060 AUSTRALIA +61 2 9459 4600 Latin America Headquarters Av. das Nações Unidas 12.551 9 andar WTC 04578-903 São Paulo SP BRAZIL +55 11 3443 1509 Publication Date: 7 November 2003/ID Number: COM-21-4534 Page 11 of 11

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information