New Analyst Report: KuppingerCole Rates Top Identity Governance Administration (IGA) Solutions
When Identity Governance is a Must
“IGA is essential to business as a strategic approach to ensure overall IT security and regulatory compliance.” That’s a direct quote from Martin Kuppinger, Founder and Principal Analyst, and Richard Hill, Senior Analyst at the KuppingerCole analyst firm in their latest Leadership Compass Report from September. When an independent analyst firm that has focused on cybersecurity and identity for the last 17 years says something is essential, we should all listen.
IGA is a fundamental building block of an organization’s identity and access management strategy. It enables you to automate labor-intensive processes such as access certifications, access requests, password management, and provisioning to dramatically cut operational costs. It helps you drive regulatory compliance by eliminating manual efforts for IT audits. And it provides efficient control and automation for the identity lifecycle—managing joiners, movers, and leavers.
Today’s most modern IGA solutions also reduce the risk of unauthorized access by providing insight on risky user behavior, exploiting the advantages of cloud platforms, and by simplifying the user and admin experience.
Your IGA Solution Needs All This Just to Get in the Game
Are you ready? Here’s a small sampling of the long list of capabilities, the “most relevant high-level capabilities” that KuppingerCole “expects to see in this group of products.” Do you have these capabilities in your current identity governance solution? Need a good governance capability checklist? See the full table here.
Mobile Interfaces - Support existing Directory Services, both on-premises and in the cloud, as both source and target of identity information.
Access Request Management - Flexible User Onboarding Integration to HR/HCM systems and other sources for identity information and support for mapping identity data from different sources.
The breadth of Connectors - Connectors to a broad variety of target systems, both cloud services, and on-premises applications and systems. Provisioning users to cloud services, beyond just SSO, is considered a key capability.
Depth of Connectors - For certain target systems, connectors must support deep integration, beyond just creating accounts and simple group/role mapping. This specifically affects business applications with complex entitlement structures such as SAP.
Workflow Capabilities - Flexible workflows e.g. for access requests and approvals that can be configured to the specific customer’s demand, without coding.
User Self Services - Pre-configured user self-services e.g. for password management or access requests. Again, required customization should be feasible by configuration, not coding.
SoD Management - SoD (Segregation of Duties) management is another important capability. As of now, it is not a commonly found feature in IDaaS IGA, but we expect solutions to deliver at least a good baseline capability in this area.
Hybrid Support - Supporting the hybrid environments most businesses still have today is a key capability. IDaaS IGA must not be limited to SaaS-only target environments to deliver on its promise.
In addition to these technical capabilities, KuppingerCole evaluates IGA vendors on the “operational requirements such as support for high availability and disaster recovery, strategic focus, partner ecosystem, quality of technical support and the strength of market understanding and product roadmap.”
Employing the Governance Gorilla
I urge you to read the new KuppingerCole Leadership Compass report for yourself. Especially if you are in the market or should be in the market for additional identity governance capabilities. If you are already an IBM Security customer, you’ll be happy to know that for governance, the report spotlights IBM Verify Governance as one of the gorillas in the market (and BTW, that’s a good thing.) But please, do read through the entire publication—there is so much useful information—it’s a recipe for identity governance success. You shouldn’t have to suffer from a weak identity governance stance any longer.
And please, stay secure out there.