2021 identity governance & administration buyer’s guide

1

2021IDENTITY GOVERNANCE& ADMINISTRATIONBUYER’S GUIDE

© 2021 | Solutions Review | 500 West Cummings Park | Woburn, Massachusetts 01801 | USA

IGA BUYER’S GUIDE

2

MARKET OVERVIEWIdentity Governance and Administration (IGA) software helps enterprises ensure the right employees get the right permissions at the right time. It monitors user permissions at the macro-and micro-level, helping to define “roles” in regards to digital identity. Common use cases of IGA software include establishing set permissions and remediating excess permissions. IGA remains one of the most neglected aspects of enterprise cybersecurity—to the peril of many enterprise organizations. Of course, this also involves helping enterprises maintain visibility over their users and permissions—no mean feat even for smaller IT environments. According to the 2018 SailPoint Identity Report, only 20 percent of enterprises report having visibility over all of their users. Meanwhile, seven percent do not have any identity visibility at all. SailPoint also found that 88 percent of enterprises don’t govern access to the data they store in files. In fact, only ten percent of enterprises monitor their user access to file data. Without identity governance and administration, insider threats can move against businesses unopposed and external threats can access sensitive data without obstacle. Currently, the key capabilities in identity governance and administration include entitlements management, auditing, access request processing, policy and role management, and access certification. Lifecycle management is perhaps the most important IGA capability. It allows enterprises an opportunity to guarantee that users have the appropriate permissions from the outset, can change permissions as users change roles within the enterprise, and can promptly offboard a user no longer associated with the organization. All of these functions are absolutely necessary for enterprise identity management. Yet enterprises continue to neglect IGA solutions in favor of more traditional IAM products or privileged access management. Granted both are also necessary, but IGA can bolster their protections and visibility. The future of identity governance looks to move to the cloud and to Security-as-a-Service (SaaS). Cloud deployments of IGA aims to alleviate the challenges of on-premises deployment, and SaaS helps with both deployment and management.

Cue the process of seeking out, evaluating, choosing, purchasing, and deploying an IGA solution. Solutions come in a variety of flavors, each offering a particular set of capabilities, strengths, and drawbacks. Choosing the right vendor and solution is a complicated process—one that requires in-depth research and often comes down to more than just the solution and its technical capabilities.

Solutions Review has developed this Buyer’s Guide to assist buyers in search of the best possible tool to fit the needs of their organization. This resource features important questions to ask during the buying process, and full, one-page vendor profiles that provide a solution overview, three key features, contact information, and our own ‘Bottom Line’ analysis. Companion research, including our popular vendor comparison matrix, can be found at solutionsreview.com.

Ben Canner, Editor


IGA BUYER’S GUIDE

3

4 Questions You Should Ask When Evaluating An Identity Governance

Solution

Small-to-medium-sized businesses can generally rely on their human IT departments to analyze and manage the identities of their customers, employees, and supervisors. However, as enterprises scale, so do the demands of data, access requests, and permissions. Also, even small businesses can benefit from automation and permission management. IGA’s automated workflows can help relieve the burden on InfoSec professionals and improve their efficiency.

As part of your Identity Management policy, you should have your employees assigned to defined roles with clear access permissions for those roles. Furthermore, your Identity Management policies should enforce those roles and prevent access creep. If you do not have concrete roles and access policies in place, then an IGA solution will only serve as an ineffectual bandage; inconsistencies in policy assignment and enforcement will not alleviate the need for manual intervention.

What problems do you foresee as your business grows and scales? What kinds of InfoSec capabilities will you need as you expand your customer base? Failing to consider these questions leads enterprises to deploy a patchwork of disparate solutions to handle their problems as they occur rather than selecting solutions according to a complete cybersecurity strategy. Before deciding on an IGA solution, consider how you will integrate it with your current solutions and what problems you aim to solve with it.

Auditors and compliance managers often need to manually use comparison counts to monitor all the provisioning to create their reports and seek out discrepancies. This process is a lengthy and over-complicated mess of tracking entitlements, flagging inappropriate accesses and removing erroneous permissions. IGA can automatically track entitlements, identify and remove false authorization, and generate reports for compliance.

Am I the right size for an IGA solution?

Are there processes I want to automate with an IGA solution?

Am I looking to solve a short-term problem or a much wider one with IGA?

Will IGA help with our reporting/compliance needs?


IGA BUYER’S GUIDE

4

5 .......................................................................................

6 .......................................................................................

7 .......................................................................................

8 .......................................................................................

9 .......................................................................................

10 .....................................................................................

11 .....................................................................................

12 .....................................................................................

13 .....................................................................................

14 .....................................................................................

15 .....................................................................................

16 .....................................................................................

17 .....................................................................................

18 .....................................................................................

19 .....................................................................................

20 .....................................................................................

Broadcom

Fischer Identity

HID Global

IBM

Identity Automation

Micro Focus

Omada

One Identity

Oracle

Ping Identity

PlainID

RSA

SailPoint

Saviynt

Simeio

Tools4Ever

Solution Provider Profiles


IGA BUYER’S GUIDE

5

Broadcom folded CA Technologies’ end-to-end Identity Management portfolio with its Identity Suite, Secure Cloud IDaaS solution, Single Sign-On, Advanced Authentication and Privileged Access Management Capabilities. In fact, they renamed its CA Technologies portfolio to the Layer7 Identity Management solution. For IGA Layer7 provides an integrated solution for privileged user governance, role discovery, lifecycle management, and identity compliance. Layer7 also helps enterprises deal with entitlement creep; Broadcom’s identity management increases audit and compliance efficiency through streamlined governance campaigns.

Key Features

Broadcom1320 Ridder Park DrSan Jose, California

United States+1 (408) 433-8000

www.broadcom.com

Bottom LineBroadcom received the label of Niche Player in the 2019 Gartner Magic Quadrant for Identity Governance and Administration. Also in 2019, it received attention as a Visionary in the Gartner Magic Quadrant for Access Management; since Broadcom incorporated CA Technologies’ portfolio into its own, it should have the capabilities to protect complex and demanding environments. Broadcom was named to the KuppingerCole Leadership Compass for Identity Governance and Administration 2020 as a Leader.

Host-Based Access Control Layer7 protects critical servers with fine-grained security controls. It’s host-based access control protects and monitors files, folders, processes, registries, and connections; it can also manage and enable UNIX and Linux users to be authenticated using the active directory.

Layer7 Identity Suite This provides comprehensive identity management and governance capabilities through the user experience. As such, it seeks to simplify processes like access requests and access certifications. The Identity Suite also performs risk analysis and certification, enabling remediation actions.

Layer7 SiteMinderThis single sign-on capability simplifies access across cloud, mobile, Web applications, and more. It also provides dynamic scaling support for flexibility in controlling access management, with options for agent and gateway-based policy enforcement points.


IGA BUYER’S GUIDE

6

Based out of Florida, Fischer International provides Compliance and Audit features as part of its IAM solution: Identity as a Service (IaaS). IaaS is an enterprise-grade full-suite identity solution for your enterprise’s private cloud or on-premise servers. Fischer offers Access Governance features to automatically and reliably control user accounts and privileges across internal and external systems based on user risk profiles and roles. Fischer also offers complete audit logging for all security events, including provisioning, deprovisioning, workflow, and access requests. Fischer’s International provides over 100 out-of-the-box reporting options, ensuring comprehensive compliance for any industry or regulatory mandate.

Key Features

Fischer Identity9045 Strada Stell Ct

Naples, FLUnited States

+1 (239) 643-1500www.fischeridentity.com

Bottom LineFischer Identity’s full auditing and compliance capabilities will match the needs of small to medium businesses and larger enterprises alike, especially those concerned with keeping detailed records of their identity management activity for compliance. Fischer’s architecture should eliminate the need for customization, ideal for those looking to set their access governance policies without hassle. It appeared in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020 and in CIOReview’s Top 20 IAM Solution Companies of 2020.

Compliance & Audit Fischer Identity audits all security events, and provides a real-time interface to empower administrators to review the full identity life-cycle of a user on-demand, allowing for careful permissions evaluation. It also automatically fills mandated reports through out-of-the-box reporting options.

Automated User ProvisioningFischer Identity can automatically detect user additions and modifications, and grant appropriate access across one or more systems to flexibly control access. It allows users to create their own profiles for self-service password resets and enables your Help Desk to perform “On Behalf Of” password management.

Access GovernanceFischer Identity conducts an initial compliance assessment followed by recertification reviews to monitor employees’ access to all of their applications from an actionable portal, preventing access creep across the network and allowing for actionable insights.


IGA BUYER’S GUIDE

7

Formerly Crossmatch, HID Global offers an array of solutions ranging from biometric sensors and read modules; these include OEM embedded reader modules and finished desktop readers that validate identity using fingerprints or hard tokens. HID Global’s solutions can integrate into existing business systems, both analog and digital. Its solutions feature advanced multifactor authentication, credential management, and analytics. A philosophy of Zero Trust drives its innovations and facilitates digital certification. HID Global also provides access control systems with support for a wide range of credential technologies. Also, it tailor its specific solutions to match with different verticals and use cases.

Key Features

HID Global611 Center Ridge

Austin, TXUnited States

+1 (512) 776-9000www.hidglobal.com

Bottom LineSpecialized solutions for government, defense, and law enforcement make HID Global an attractive solution for both public sector users and mid-sized enterprises. HID Global is perhaps most prominently known as a biometric authentication solution provider, but its capabilities also allow for extensive granular and multifactor authentication protocols as well as extensive access governances. Additionally, it works to increase visibility with real-time monitoring and const-control functions.

Automated Identity Lifecycle ControlHID Global offers enterprise-grade, large scale- solutions to automate the identity lifecycle of users for data and workplace access; it simplifies the issuance and management of authenticators and digital certificates. Also, it can help reduce regulatory risk and ensure compliance through auditable trails.

Access Control SystemsHID Global provides support for a wide range of credential technologies, including Seos, iClass, MIFARE, Prox, and more. It also offers custom, personalized support to meet organizations’ needs.

Advanced Multi-Factor AuthenticationHID Global implements a layered Zero Trust security approach to assist enterprises’ transitions beyond single factor authentication. Its multifactor authentication can secure all IT infrastructures and facilitate frictionless and flexible authentication options.


IGA BUYER’S GUIDE

8

IBM Security’s Identity Governance and Administration suite—Identity Governance and Intelligence (IGI)—combines the IBM Security Identity Manager (ISIM) with IBM Security Identity Governance (ISIG) solutions for strong automation and some of the strongest governance abilities in the identity security market. IGI covers enterprises’ user lifecycle management, access risk assessment and mitigation, certification, password management as well as analytics and reporting to enable businesses to make the right decisions on enterprise access and remain within industry compliance. IBM’s products typically offer deep functionality and strong connectivity with a broad range of complementary products.

Key Features

IBM1 New Orchard Rd

Armonk, NYUnited States

+1 (800) 426-4968www.ibm.com

Bottom LineIBM’s identity solutions, including its Identity Governance and Administration, are ideal for large organizations with global footprints as well as smaller enterprises. In fact, IBM designs its IGA solutions to accommodate complex deployments or needs; it has the experience and staff to make its solutions work. It also appeared in the Gartner Critical Capabilities for Identity Governance and Administration report in 2019. IBM was named a Leader in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.

Access CertificationIGI enables the business to run access certification campaigns to reconfirm users access needs with customizable, self-service user dashboards. This allows users to recertify access and enabling flexible workflows.

Data GovernanceIGI helps enterprises ensure that the personal data they process, collect, and store is properly protected, allowing only designated users to access and manage appropriate data. This also helps them fulfill compliance mandates.

End-To End User Lifecycle ManagementIGI streamlines access management, automates the identity lifecycle processes and reduces the need for manual labor. It includes role management, multilevel provisioning workflow, and integrated password management.


IGA BUYER’S GUIDE

9

Identity Automation’s, RapidIdentity, supports not only identity governance and administration capabilities but automated provisioning, and access and account management as well. These are available as both on-premises and SaaS deployments for all types of enterprise IT environments. Their Identity Governance solution ensures access controls are maintained and updated through business and data changes via a simplified policy configuration; this bypasses the need for custom coding which can add a serious burden to IT security teams. Identity Automation’s Rapididentity is centrally implemented and managed to enable efficient compliance reporting and easy permissions evaluation.

Key Features

Identity Automation7102 N Sam Houston Pkwy W

Houston, TX United States

+1 877-221-8401www.identityautomation.com

Bottom LineIdentity Automation is a smart choice for organizations and enterprises of all sizes looking to replace their legacy identity and homegrown tools with a new, next-generation IGA system. Rapid Identity can be deployed in weeks, as opposed to the typical months or years, and offers a broad set of out-of-the-box and configurable capabilities for customization.Identity Automation appeared in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.The Summer 2020 RapidIdentity update featured Scheduled Entitlements.

Multifactor Authentication Identity Automation enhances security with multifactor authentication across all applications. This eliminates the hassle of having to maintain a separate and dedicated token system. In addition, RapidIdentity’s applications are based on time-and-date-specific conditions or user location with time and role-based certifications.

Out of the Box Audit Reporting Identity Automation helps enterprise clients to demonstrate regulatory and industry compliance with comprehensive, out-of-box reporting capabilities and provides a complete audit trail and ad-hoc reports for both reporting and investigations.

Automated Lifecycle Management Identity Automation can help enterprises automate and streamline the processes of provisioning, deprovisioning, and granting new access rights for all users throughout their lifecycle, helping to prevent access and entitlement creep across the enterprise IT environment.


IGA BUYER’S GUIDE

10

Based out of the United Kingdom, Micro Focus owns the NetIQ identity and access management suite. The company offers both the NetIQ Identity Management and NetIQ Identity Governance. This suite is offered with several optional add-ons, such as Access Review—an identity governance add-on—and the NetIQ Access Governance Suite (AGS). Micro Focus’ Data Access Governance allows control over unstructured data and for greater visibility into data access. It can also streamline user provisioning. The product is described as lightweight and capable of scaling to billions of devices. As such, Micro Focus can monitor and record all enterprise users’ activities within the provisioned systems, as well as enforcing the Principle of Least Privilege.

Key Features

Bottom LineThrough the NetIQ suite, Micro Focus offers a robust yet affordable identity governance and administration-focused solution with a large network of channel partners, ideal for small to mid-sized businesses. It was named as a Challenger in the 2019 Gartner Magic Quadrant for Identity Governance and Administration and a Visionary in Gartner’s 2019 Access Management Magic Quadrant. Also, it appeared in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.

NetIQ Identity GovernanceMicro Focus provides a comprehensive identity governance solution that provides a business-friendly interface built on a common governance model. It spans all business processes relating to identity, access, and certification.

Data Access GovernanceMicro Focus allows enterprises to streamline their user provisioning, improve governance through access reviews, and alert owners to data access risks. The capability enables visibility into data access.

Access ManagerMicro Focus offers a simple yet secure and scalable solution that can handle enterprise web access needs without bogging down work processes with unnecessary security authentication demands.

Micro FocusThe Lawn 22-30 Old Bath Rd

Newbury, BerkshireRG14 1QN

United Kingdom+44-(0)-1635-565-200www.microfocus.com


IGA BUYER’S GUIDE

11

Denmark-based Omada has nearly 20 years in the identity governance and administration market. Omada features a flexible data model, excellent dashboards and powerful reporting capabilities, including closed loop reporting. User-facing elements of all identity lifecycle scenarios support a flexible data model for user entitlements. Omada also offers specific identity provisioning services and industry-tailored solutions for several verticals including Banking and Finance, Life-Sciences, Manufacturing, Public, Utilities, and Retail.

Key Features

OmadaOesterbrogade 1352100 Copenhagen

Denmark+45 7025 0069

www.omada.net

Bottom LineOmada’s highly vertical-specific solutions make them an interesting vendor for organizations in the Banking and Finance, Life-Sciences, Manufacturing, Public, Utilities, and Retail space; due to its strength in reporting, Omada is highly recommended for organizations with a high level need for governmental or industry auditing and compliance. Enterprise-level deployments may require more hardware than smaller ones, but the user interface is intuitive and even more complex deployments are fairly straightforward comparatively. Its Identity Governance has been recognized by Gartner as a Leader in the 2019 IGA Magic Quadrant.

Reporting and Attestation Omada provides a dynamic and adaptable (yet fully integrated) enterprise platform for both identity management and identity governance enabling efficient governance reporting, attestation, and identity administration. This assists with compliance mandates and processes.

Automation Omada automates compliance alerts and remediation tasks to appropriate business roles in your organization such as security officer(s), system owners, and managers to allow for misaligned privileges rescinding. Automation can alleviate workflow burdens in your IT teams.

Identity Governance and Administration Omada provides an integrated identity governance and administration solution that includes closed loop auditing processes and advanced reporting for industry compliance and internal evaluations. This includes onboarding and offboarding as well as lifecycle management.


IGA BUYER’S GUIDE

12

One Identity offers their Identity Governance Solution, which can come in 13 different languages, and therefore enjoys strong popularity in overseas markets. The One Identity solution provides a unified governance foundation that addresses enterprise management, auditing, and industry compliance needs; it is a modular and integrated approach to account governance that provides rapid time-to-value by offering comprehensive functionality. This in turn allows One Identity’s customers to build on their existing security and identity investments. One Identity offers different “editions” offered to different verticals, including but not limited to communications, banking, insurance, and media services.

Key Features

One Identity+1 (800) 306-9329

www.oneidentity.com

Bottom LineOne Identity’s strong out-of-box governance capabilities make it an ideal fit for organizations looking for a solution with good SAP integration and DAG integration. Its IGA capabilities have received high marks in the relevant industry reports like Gartner and Forrester. In fact, it was named a Leader in Magic Quadrant for Identity Governance and Administration. In 2020, it was named a Leader in the KuppingerCole Leadership Compass for Identity Governance and Administration.

Compliance One Identity streamlines the identity governance process of managing user identities, privileges, and security across the enterprise, including application access, unstructured data, and privileged accounts for mandated reporting.

Organic Integration One Identity’s solutions simplifies privileged governance with the ability to define user roles and associated policies, access approval workflows, and perform periodic attestation of privileged access to optimize protections.

Autonomous Control One Identity implements automated, code-less, business-driven provisioning and if relevant deprovisioning of user identities and access privileges across your enterprise IT environment, ensuring optimal identity lifecycle management.


IGA BUYER’S GUIDE

13

The Oracle Identity Governance (OIG) Suite is an integrated solution that centralizes security for applications and web services, and provides a single point of contact for support under a single license contract; this can be a boon for overstretched IT security teams looking for simple maintenance. OIG suite is marketed for and well-suited to large enterprise customers with substantial global footprints. As such, OIG is a highly complex, scalable, and flexible product, capable of solving identity governance problems for businesses of all sizes. They provide actionable identity intelligence through automated controls, rich dashboards, and risk-based analytics.

Key Features

Oracle500 Oracle Pkwy

Redwood Shores, CAUnited States

+1 (650) 506-7000www.oracle.com

Bottom LineOracle’s modular Identity Governance solution is well-suited for large organizations with complex IGA needs. However, it does appear to be positioning itself for future innovation: it can support a wide range of web applications and cloud architecture. Oracle has been named to the Gartner Magic Quadrant in 2019 as a Challenger; it also appeared in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020 as a Leader.

Identity Auditor Oracle provides advanced, integrated identity security analytics for access certification built into the provisioning and deprovisioning processes for accuracy and efficiency throughout the full user lifecycle.

Privileged Account Management Oracle provides privileged account management to control access from shared accounts and delivers a rich audit trail. It provides integrated role and user administration to accelerate ROI and improve user productivity.

Identity Intelligence Oracle’s Identity Governance provides closed-loop remediation through integrated identity administration and analytics, ensuring sustainable industry and regulatory compliance and consistent reporting.


IGA BUYER’S GUIDE

14

Ping Identity’s PingDataGovernance solution is designed to provide centralized, fine-grain policy control over access to your enterprise’s stored identities and profiles for users and third parties alike. PingDataGovernance can restrict internal and external applications from accessing specific attributes, databases, or entire identity profiles, preventing access creep or misuse of credentials. The PingDataGovernance identity governance policies can help you adhere to your privacy compliance regulations and corporate mandates by restricting access to identity and profile data based on user consent, the requesting application, and even based on external data sources and threat intelligence.

Key Features

Ping Identity1001 17th StDenver, CO

United States+1 (303) 468-2900

www.pingidentity.com

Bottom LinePing Identity’s market emphasis is on large enterprises, and they have the services and support staff to make good on their particular interests. Ping Identity offers scalable single sign-on features and can support multiple workforce, third-party, and consumer identity use-cases. Reportedly, their implementation and adaptation is straightforward and effective compared to a good number of their competitors. They have devoted much of their research to identity governance and administration, with much of that geared to securing the notoriously vulnerable healthcare industry.

Data Access Governance Policies Ping Identity can help enterprises adhere to geographic, industry and corporate privacy regulations, and create customizable, declarative policies reflecting a broad range of data-sharing restrictions.

Account Administration Delegation Ping Identity allows for the delegation of the rights to create, read, update, and delete account attributes. It can enable views into obfuscated customer account data for knowledge-based authentication purposes while protecting privacy.

Consent Management Ping Identity can enforce customizable, centralized identity governance policies reflecting a broad range of regulatory constraints. It can also capture and enforce customers data-sharing consent, especially handy for GDPR compliance.


IGA BUYER’S GUIDE

15

Israeli-based authorization solution provider PlainID integrates with leading identity governance and administration solutions providing a real-time, policy-based Authorization Platform. They offer a policy-based access control (PBAC) solution that simplifies authorization to one point of decision, one point of control, and one point of view across enterprises’ cloud, mobile and legacy applications. The policy-based access control solution is designed to replace legacy role-based and attribute-based authorization solutions. Companies that use PlainID benefit from a scalable graph database-based authorization platform, and the flexibility to work in any language/ standard necessary including XACML, JSON, OAuth, SQL, MongoDB, etc.

Key Features

PlainIDYigal Alon 94

Tel AvivIsrael

[email protected]

Bottom LineWith its centralized and automated managed access control model, PlainID offers a viable solution for those enterprises seeking to replace their legacy access control models such as role-based or attribute-based with a modern sophisticated model. They’ve invested time and resources into their UX, thus making the tool easy for policy creation and increased visibility into roles and permissions across all enterprise assets. With global enterprise clients in various sectors, PlainID has the infrastructure and capabilities to support large enterprise users and mid-sized enterprises.

Universal Authorization Support Authorization decisions can be consumed using industry leading standards, XACML, OAuth & SAML alongside custom protocols. Quick allow/deny decisions per request can be made or a fully detailed response can be presented.

Fine-Grained Authorization PlainID provides their enterprise clients with a flexible policy that determines decisions based on a pattern or resource attributes all the way from the user’s profile to the resource/action. This helps protect resources and users consistently throughout the IT environment.

The Power of PBAC PlainID maintains control of all of the enterprise’s assets and data using Policy Based Access Control to define technical policies. Their runtime authorization matches business policies in real time, preventing workflow interruptions during normal hours.


IGA BUYER’S GUIDE

16

Still operating under the Dell umbrella, RSA offers identity governance and administration through its RSA Identity Governance and Lifecycle solution: a highly scalable identity management suite built from separately licensed components. RSA’s Archer Governance, Risk, and Compliance products are highly capable and a good fit for companies with heavy identity governance needs and stringent industry and regulatory compliance requirements; RSA provides a common foundation for managing policies, controls, risks, assessments and deficiencies across your lines of business and even including third-parties. In 2020, RSA was acquired by Symphony Technology Group.

Key Features

RSA174 Middlesex Tpke

Bedford, MAUnited States

+ 1 (781) 515-5000www.rsa.com

Bottom LineRSA’s strong suite of independently licensed governance modules makes the company a good fit for companies of all sizes looking for next-generation identity governance solutions. It met the technical requirements for the Gartner 2019 Identity Governance and Administration Magic Quadrant. RSA appeared in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.

Deployment Flexibility RSA allows enterprises to balance their administrative control, time to value, and cost considerations when planning their implementation with support for both on-premises and hosted deployments.

Access Control RSA’s identity governance enforces access specific data across systems, applications, and records to ensure users can only access what is relevant to them, preventing their permissions from becoming out of control.

System Integration RSA consolidates governance, risk, and compliance information of any type, seamlessly integrating data and security systems without additional software. It offers pre-built reports and dashboards for easy review and compliance.


IGA BUYER’S GUIDE

17

SailPoint’s true identity security strength lies in their access governance and administration capabilities, which build off of SailPoint’s background as a renowned innovator in identity access and governance. IdentityIQ, offered as a standalone on-premises product with several optional add-ons, is well-regarded by industry experts for its strong identity governance capabilities and provisioning capabilities. They specialize in hybrid IT environments and even offer hosted managed services for governance, a boon for enterprises looking to alleviate the burden on overstretched IT security teams. Their compliance controls can help define and enforce user access policies, preventing access creep via strict enforcement.

Key Features

SailPoint11305 Four Points Dr

Austin, TXUnited States

+1 (512) 346-2000www.sailpoint.com

Bottom LineSailPoint’s background as an innovator in identity access and governance makes the company an ideal fit for large organizations seeking comprehensive identity governance and administration capabilities. In fact, SailPoint has been named a Leader by Gartner in the Magic Quadrant for Identity Governance and Administration Report for 2019. Also, it appeared as a Leader in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.

Access Request and Automated Provisioning SailPoint manages access changes throughout a user’s lifecycle by applying governance to all provisioning processes. Sailpoint also allows users to reset passwords automatically, while enforcing corporate policy consistently across the IT environment.

Single Sign-On SailPoint provides convenient access to enterprise applications while maintaining control and visibility, thereby facilitating the user experience and business processes workflow throughout the network.

Data Tracking and ComplianceSailPoint helps enterprises identify where their sensitive data is located, who has access to it, and how they are using it and enforces controls. They automate the process of reviewing user access rights across your organization.


IGA BUYER’S GUIDE

18

Saviynt’s identity governance solutions enable enterprises to secure their applications, data, and corporate infrastructure in a single cloud or on-premise platform. They approach identity governance holistically, moving beyond core identity governance to incorporate cloud security, application GRC, and access governance—all within a complete cloud-based solution. Saviynt’s platform can facilitate and automate user access reviews, onboarding, and lifecycle management, import access and usage data from applications in real time or as a batch, recognize violations, and offer security remediations. Saviynt’s IGA solutions can also develop rules and roles-based policies on user data, attributes, and behaviors, and offer suggestions on managing roles and permissions.

Key Features

Saviynt5777 W Century Blvd

Los Angeles, CAUnited States

+1 (310) 641-1664www.saviynt.com

Bottom LineCustomers praise the capability and the prowess of the Saviynt solution and remark on its ease of deployment. Saviynt was recognized as a market Leader for its IGA solution by the Gartner Magic Quadrant report and an Overall Leader in the KuppingerCole Leadership Compass report in 2019. It continues to innovate on its solution and expand its reach. Saviynt was named as a Leader in the KuppingerCole Leadership Compass for Identity Governance and Administration 2020.

Access CertificationSaviynt allows enterprises to intelligently use identity lifecycle events and usage to automatically certify user access. It also gives administrators complete flexibility in managing user access requests and entitlements with a business-centric user experience and interface.

Cloud-Based Service Saviynt’s identity governance solutions are designed for a fast, simple deployment that works with customer needs and experience. It will work well with enterprise IT environments whether they be on-premises, cloud-based, or hybrid.

Identity Analytics Saviynt’s identity governance solutions compute user peer groups, identifies inliers and outliers, and automatically recommends permissions changes based on findings to prevent access creep and thus prevent insider threats and potential vulnerabilities.


IGA BUYER’S GUIDE

19

Simeio offers their own identity governance and administration service. That service, their Identity Orchestrator platform, automates compliance reporting and protects against both internal and external threats with password and role management, access creep prevention, segregation of duties enforcement, and identity proofing. Simeio’s Identity Orchestrator also offers Core Directory Services to help enterprises manage their identities on a global scale with directory solutions, as well as a Cloud Security infrastructure which can be automated for identity administration and role management. They released the Simeio Identity Vault this year.

Key Features

Simeio55 Ivan Allen Jr. Blvd

Atlanta, GAUnited States

+1 (844) 2-SIMEIOwww.simeiosolutions.com

Bottom LineSimeio’s managed service offerings are recommended for enterprises looking to shift the heavy Identity Governance workload burden from their IT departments or who are suffering from the cybersecurity staffing crisis. It specializes in cloud and hybrid environments, ideal for enterprises looking to undergo their digital transformation. It received recognition in the KuppingerCole IGA Leadership Compass for 2020.

Cloud and Hybrid SolutionsSimeio can provide complete on-site, private cloud, or hybrid operations and infrastructure support for your IGA systems. It automates compliance and protects against both insider and outsider threats with password and role management.

Access Management & Federation Simeio allows enterprise to implement single sign-on to any on-premise application or network resource. Simeio can also manage your end-to-end identity lifecycle for employees, partners, customers, and devices including remote identities.

Implementation Services Simeio facilitates the implementation and operation of new user interfaces and new softwares, and integrates with existing enterprise applications and identity stores to achieve a more complete identity security posture.


IGA BUYER’S GUIDE

20

A key member within the IAM field for nearly two decades, Tools4ever develops and provides standardized and affordable Identity Governance & Administration (IGA) solutions that can be deployed and adopted within a few weeks and are easily managed by enterprise IT security teams. Tools4ever also offers an in-house team of IT consultants to assist with IGA deployment and implementations, as well as self-service resets, centralized access reporting, audit logs, and SSO which all facilitate identity governance; this is crucial to enterprises with limited security resources and talent. They also offer identity management as a service through their HelloID solution, which is designed for cloud environments and offers identity self-service and workflow automation.

Key Features

Tools4Ever300 Merrick RdLynbrook, NYUnited States

+1 (866) 482-4414www.tools4ever.com

Bottom LineTools4ever’s quick deployment and consultant-assisted implementation offer fast results and ROI; the solution provider’s tools are a good choice for companies small and large looking to invest in IGA without hassles. Their as-a-service offerings are also ideal for enterprises suffering from the cybersecurity staffing crisis or from human talent being stretched too thin. Their deployments do not require much technical knowledge and are easy. Tools4ever scales well, which is essential for enterprises looking to grow or for enterprises looking to more cautiously deploy their solution.

Access Governance Tools4ever supports the management of employees’ access rights for applications and data throughout the enterprise’s network and work processes. Rights can be issued, changed, and withdrawn through a universally-manageable security model.

Identity Manager Tools4ever connects to the HR/SIS system to automate enterprise users’ lifecycle process for onboarding, updates, and off-boarding the accounts. This prevents access creep, which can insidiously create security vulnerabilities due to human error and inconsistent records.

Audit Manager Through its solutions, Tools4ever allows organizations to govern their users’ access rights and control unstructured identity data, normalizing and saving access rights in a centralized database for easy reference and remediation if necessary.


IGA BUYER’S GUIDE

21

ABOUTSOLUTIONS REVIEW

Solutions Review is a collection of technology news sites that aggregates, curates, and creates the best content within leading technology categories. Solutions Review’s mission is to connect buyers of enterprise technology with the best solution sellers.

Over the past four years, Solutions Review has launched ten technology buyer’s guide sites in categories ranging from cybersecurity to wireless 802.11, as well as mobility management, business intelligence and data analytics, data integration, and cloud platforms.

Information for this report was gathered via a meta-analysis of available online materials and reports, conversations with vendor representatives, and examinations of product demonstrations and free trials. Solutions Review does not endorse any vendor, product or service depicted in this publication and does not advise technology users to base their vendor selection entirely on this research. Solutions Review disclaims all warranties, expressed or implied, regarding this research, including any warranties of merchantability or fitness for a particular purpose.

2021 identity governance & administration buyer’s guide

Documents