Forecast: The Gartner 2019 Identity Governance and Administration Magic Quadrant

Forecast: The Gartner 2019 Identity Governance and Administration Magic Quadrant

Technology experts around the world impatiently wait for the release of the Gartner 2019 Identity Governance and Administration Magic Quadrant. The research giant published the sixth iteration of the IGA Magic Quadrant in February of 2018. Currently, rumors suggest Gartner plans to release the 2019 Identity Governance and Administration Magic Quadrant sometime in October.

Thanks to their proprietary research methodology, Gartner’s annual marketplace analyses generate a level of buzz in the tech world only matched by Apple’ keynote speeches. In fact, many experts consider the Magic Quadrant the premier Gartner report in each cybersecurity technology marketplace. Often, enterprise cybersecurity professionals and administrators use Gartner’s findings as a foundation for their research and yearly purchasing decisions.

However, professionals can’t merely wait patiently for the 2019 Identity Governance and Administration Magic Quadrant. Every day, IT security teams face new attacks on their users’ identities. Role management and permissions visibility persistently plague enterprise cybersecurity schemes. They need to know which capabilities and priorities should comprise their critical identity governance policies.

Therefore, with the Gartner 2019 Identity Governance and Administration Magic Quadrant still some ways away, we decided to share our own predictions. We share educated guesses on the content of the 2019 Identity Governance and Administration Magic Quadrant and the market’s evolution.

We base our predictions off Gartner’s definition of IGA solutions. According to their previous Magic Quadrant, identity governance forms a crucial component of identity management; it is designed to “manage digital identity and access rights across multiple systems and applications.”

To do so, identity governance solutions aggregate and correlate identity and permissions data and utilizes it in core functions. These include access requests, access certification, workflow management, identity lifecycle management, permissions granting or removal, and entitlement management.

Visibility in the 2019 Identity Governance and Administration Magic Quadrant

Undoubtedly, Gartner weighs several identity management capabilities in all of its IGA report: role management, access requests, entitlements management, etc. However, we believe visibility shall become a major component of the 2019 Identity Governance and Administration Magic Quadrant.

Visibility and cybersecurity often interrelate. Without visibility, your IT security can’t possibly protect all of your users, accounts, and privileges; you can’t protect what you can’t see.

For example, lacking visibility into users’ accounts leaves them vulnerable to access creep; they could keep acquiring privileges as they take on new projects without any oversight in removing them. Of course, hackers and insider threats target credentials bloated with permissions above other users’ accounts. After all, they’re so much more valuable than more secure and more visible credentials.

Unfortunately, enterprises continue to struggle with their identity governance visibility. According to the recently released SailPoint 2018 Identity Report, only 20% of enterprises have visibility overall of their users. Moreover, 7% have no visibility whatsoever. Even a small gap in visibility constitutes a massive security vulnerability for enterprises of all sizes.   

Most likely, Gartner will consider IGA solutions which increase visibility with greater weight than solutions which can’t provide that kind of cybersecurity insight. In the 2019 Identity Governance and Administration Magic Quadrant, Gartner may very well connect visibility to more effective delivery and identity data traffic control.   

Will The Cloud Reigns Supreme in 2019?

In last year’s Magic Quadrant report, Gartner predicted extensive enterprise IGA growth on the cloud over the next few years.

In fact, researchers predicted as much as 40% of business IGA buyers shall select cloud-architected solutions by 2021. By the same token, 15% shall choose cloud-hosted software.

To Gartner, the cloud represents a much more effective delivery and deployment method than on-premises. If anything, Gartner expresses some cynicism about on-premises IGA deployment. In their 2018 Critical Capabilities for Identity Governance and Administration report, researchers believe “50% of [current] IGA deployments are in distress.”

Additionally, Gartner researchers note cloud IGA deploy faster and proves easier to manage and upgrade than on-premises architecture. Therefore, we predict Gartner placing special emphasis on the cloud in the 2019 Identity Governance and Administration Magic Quadrant; certainly, they’ll emphasize it more than in the 2018 report.

Expect to see Gartner weigh the importance of digital transformation facilitation in enterprise-level IGA solutions. Further, also note the rise of centralization in new cloud-focused, decentralized enterprise IT infrastructure.

The Power of Managed Services

One of the most important innovations of cybersecurity is the rise of managed security services. Through managed services, enterprises of all sizes can mitigate the effects of the cybersecurity staffing crisis; they can enjoy the benefits of 24/7 security monitoring, delegated access and role management, and compliance reporting. Given the stress IT security teams face every day under myriad deadlines and expectations, delegating duties to other cybersecurity experts can help alleviate some of the burdens.

Thus, Gartner should highlight the importance of managed services in the 2019 Identity Governance and Administration Magic Quadrant. Providers need to ensure their services can also monitor and regulate the permissions of your third party-users, applications, and vendors. Each third-party with unnecessary permissions constitutes a new security vulnerability in your enterprise; in fact, unnecessary third-party permissions could easily end up in the wrong hands and could allow for dangerous lateral movements.

Integration Capabilities Matter

Identity governance and administration constitutes an essential part of your enterprise’s identity management and your cybersecurity. However, it doesn’t form the whole of it. You’ll need to integrate your enterprise’s IGA solution with your other cybersecurity solutions, including endpoint security and SIEM as well as other identity security solutions.

As research experts, Gartner recognizes the importance of integration in their selected IGA solutions for the 2018 Magic Quadrant. In the 2019 report, it should take even greater importance. After all, identity governance improperly integrated can create security holes, as well as orphan accounts or inappropriate access to enterprise assets.

Likely, Gartner will weigh how solutions integrate more heavily due to these potential issues and because of the increasing complexity of cybersecurity demands. Enterprises can no longer rely on simply one solution to solve their problems. They’ll need a full platform of solutions to maintain consistent identity security standards.    

To learn more, be sure to check out our 2019 Buyer’s Guide. In it, we compile data on the top vendors in the identity security field, their key capabilities, and provide a Bottom Line for each.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner