Forecast: Gartner’s 2019 Access Management Magic Quadrant

Forecast: Gartner's 2019 Access Management Magic Quadrant

Technology experts around the world impatiently wait for the release of the Gartner 2019 Access Management Management, Worldwide Magic Quadrant Report. The research giant published the second iteration of the AM Magic Quadrant in June of 2018. Currently, experts believe Gartner plans to release the 2019 Access Management Magic Quadrant sometime in August.

Gartner’s proprietary research methodology makes the release of their annual marketplace reports major events in the technology sphere; often, observers compare the buzz generated by the Magic Quadrant reports to Apple Keynote speeches.

Indeed, many experts consider the Magic Quadrant the premier report in each respective technology field. As a result, enterprise cybersecurity professionals and administrators use Gartner’s findings to develop the foundation for their future solution decisions.

Unfortunately, IT professionals can’t simply wait patiently for the release of the 2019 Access Management Magic Quadrant. Indeed, identity now serves as the core of modern enterprise cybersecurity; the overwhelming majority of cyberattacks begin with fraudulent logins or stolen credentials.

Moreover, even legitimate logins can suffer from severe access issues if the user possesses permissions beyond their station; this can increase the danger of insider threats.

Forecast: Gartner’s 2019 Access Management Magic Quadrant

Therefore, with the Gartner 2019 Access Management Magic Quadrant still months away, we decided to share our own predictions. We share educated guesses on the content of the 2019 Access Management Magic Quadrant and the market’s potential evolution.

To support our predictions, we draw on Gartner’s previous definition of access management technologies. According to the 2018 Magic Quadrant: “access management applies to technologies that use access control engines to provide centralized authentication, single sign-on (SSO), session management and authorization enforcement for target applications in multiple use cases.”

Will Passwords Count Against Potential Vendors?

Our first prediction for the 2019 Access Management Magic Quadrant involves the oft-tenuous relation modern IAM has with passwords. Overall, most identity security vendors attempt to either mitigate or outright eliminate passwords from their authentication protocols.

After all, passwords possess a notorious reputation in next-generation authentication. Hackers now have access to tools which makes cracking or guessing passwords relatively easy. With social engineering tactics, even novice hackers can guess passwords or simply phish them. Additionally, employees frequently repeat their passwords, which increases the chances of hackers discovering and exploiting them.

Finally, the sheer number of data breaches means hackers can find almost all users’ old passwords on the Dark Web. From there, they can engage in mass credential stuffing attacks.

Despite all of these serious deficiencies, vendors continue to use passwords in their authentication capabilities; most users are familiar with passwords and feel reluctant to alter their behaviors.

However, some vendors advertise their efforts to eliminate the need for passwords in their solutions; meanwhile, almost all of them promote the power and necessity of multifactor authentication rather than single or two-factor authentication. The more factors between users and the network, the more secure the login.  

We predict Gartner will not only heavily favor multifactor authentication in the 2019 Access Management, but they will also favor authentication which minimizes password involvement. Since user behaviors still heavily neglect password best practices, this might represent the best way to secure users long-term.

Additionally, Gartner might more heavily weigh biometric authentication vendors’ systems as a step-up from passwords. Yet biometrics presents its own issues which may prevent Gartner from embracing it as fully.

More Challengers on the Horizon?

In the 2018 Magic Quadrant, no vendor received the title of Challenger. According to their definitions, Challengers display strong execution but perhaps not quite the brand awareness or completeness of vision as Visionaries or Leaders.

We predict Gartner shall find more Challengers in the 2019 Access Management Magic Quadrant. In fact, we also predict many more vendors included in this iteration of the report. Given the ever-growing importance of identity in cybersecurity, more vendors continue to rise in prominence and affect the discourse. As such, the new report could become the first appearance of young vendors onto the technology world stage.

As to who those newcomers might be, we can only speculate; the market certainly appears heading for maturity (assuming it hasn’t already arrived). Simultaneously, we also predict major shake-ups in the Leaders Quadrant as enterprise use cases become more diverse; fewer providers may have the capability to offer more general solutions as a result.

IDaaS and the Cloud

Famously, this relatively new report replaced the previous IDaaS Magic Quadrant. However, Gartner considered IDaaS deployment options a serious factor in their previous report. Even last year, Gartner noted the decline of on-premises deployments.

With the rise of cloud and hybrid environments, and the consequent access problems enterprises face, IDaaS shall take on greater prominence in the next report. Indeed, we predict the 2019 Access Management Magic Quadrant won’t focus on on-premises deployments at all; after all, within a few years, such on-premises only IAM configurations will become a rarity among enterprises.

Will Integration Count as Much?

Perhaps our most controversial prediction on this list: do integrations with non-IAM infrastructures or solution matter in the 2019 Access Management Magic Quadrant?

On the one hand—of course they do. IAM may represent the core of identity, but it can’t possibly handle all other cybersecurity functions. On the other hand, identity now forms both the digital perimeter and employs behavioral analytics; both indicate it may be absorbing other cybersecurity categories.

Additionally, identity also forms a key part of most business processes. Therefore, identity security takes on a prominence in the overall infrastructure, which may make it the foundation of enterprises’ environments. Following that logic, identity’s ability to facilitate processes and communications may matter more to Gartner in the coming report.

Some vendors in the 2018 report received their position on the Quadrant because of their integration capabilities. Will Gartner rank them lower because that feature doesn’t matter as heavily as before?

To form your own predictions for the 2019 Access Management Magic Quadrant by Gartner, you can download it for free here. Additionally, you can also check out our 2019 Identity Management Buyer’s Guide.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner