5 Questions You Need To Ask IAM Providers Before Choosing a Solution

IAM_Buyers_Guide_No_DLThe following is an excerpt from Solutions Review’s 2016 Identity Management Solutions Buyer’s Guide, to view the whole report, download if for free here.

Can you describe your solution’s ability to support the following authentication methods Password, soft-token, hard-token, biometric, phone-as-token? Are any additional methods supported?    

We’ve included 28 solutions in this Buyer’s Guide, and each one brings a different, strongly-held view of the best way to deliver IAM. Make your prospective vendor take a stand and expand on their model while defending that position against other options. Ask your prospective vendor about their ability to support password, soft-token, hard-token, biometric, and out-of-band mobile device authentication.

How does your Identity Management Solution enable or improve web-based Single Sign-On?

The benefits of single sign-on (SSO) are compelling; reduced password fatigue from different user-name and password combinations, reduced time spent re-entering passwords for the same identity, and reduced IT costs due to less IT help desk calls about passwords. Ask prospective vendors about their relationship to SSO, the applications they support, and their plans for the future.

Explain how Identity Federation does or does not fit into your proposed solution?

As stated above, the need for partners or contractors to securely access internal business applications is becoming a daily reality for many enterprises. Plus, the need to provide employees with access to external providers systems, such as outsourced human resources applications, has created a genuine demand for Federated Identity Management.  If not an immediate requirement, FIM is certainly something to consider as your grow.

How do you manage access from mobile devices? What operating systems do you support?

If you’re committed to providing employees, vendors, and consumer’s access to systems from anywhere, at any time, then you need to understand what a prospective solution provider can support with regard to mobile devices. And, if your organization has made a commitment to a BYOD policy, then you’ll need to understand whether an IAM solution can support not only iOS, but Android, Windows, and Blackberry as well.

How is your solution priced?

At some point, you’ve got to get to the bottom line. This can be tough as IAM solutions often have very complex pricing structures, so be persistent. There’s a wide range of sophistication in the solutions we’ve selected, and as such, there’s also a wide variety of pricing models. Some will include line items for various options and others will charge a simple per-user fee. In order to get an apples-to-apples comparison and build a cost model that you can plan around, you’ll need to have put each solution into a sort of “per-user-per-month” cost model. So get all the line-by-line costs and divide by the number of users, then add that to the per-user fees.

Check out 5 more questions you need to ask yourself before choosing an IAM Solution, as well as a full market overview of the top 28 IAM vendors, their capabilities, and best use cases, and a full-length glossary of terms in Solutions Review’s 2016 IAM Buyer’s Guide, available as a complimentary download here.

Jeff Edwards
Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff