Comparing IDaaS SSO Solutions With KuppingerCole’s Leadership Compass

International Analyst firm KuppingerCole has released the latest iteration of its Leadership Compass report for Identity as a Service: Single Sign-On to the Cloud (IDaaS SSO).

In the 2017 Leadership Compass for IDaaS SSO, KuppingerCole Founder and Principal analyst Martin Kuppinger evaluates the strengths and weaknesses of the 18 products that he considers most significant in the IDaaS SSO market and provides readers with graphs separating the products into followers, challenges, and leaders. Kuppinger compares products across four graphed categories: Overall Leaders, Product Leaders, Market Leaders, and Innovation Leaders.

KuppingerCole’s ratings are based on a wide range of input and a long experience in that market segment. Input consists of experience from KuppingerCole advisory projects, feedback from customers using the products, product documentation, and a questionnaire sent out before creating the KuppingerCole Leadership Compass, plus a variety of other sources.

Products featured in the report are, in alphabetical order, CA Udebtuty Service, Centrify Identity Service, IBM Cloud Identity Service, Ilantus Xpress IDaaS, iWelcome, JumpCloud, Microsoft Azure Active Directory, Okta, Inc., OneLogin, Optimal IdM The OptimalCloud, Oracle Identity Cloud Service, Ping Identity PingOne Cloud, SAP Cloud Platform Identity Authentication, SailPoint IdentityNow, Salesforce Identity, SecureAuth IdP, Trustelem, and VMware Identity Manager.

At Solutions Review, We read the 53-page report, available in full here, and pulled a few of what we considered the most important takeaways.

What is IDaaS SSO

Before jumping into the big takeaways we should probably clarify exactly what KuppingerCole mean when they talk about IDaaS SSO.

According to the report, IDaaS SSO means Identity as a Service products “focused on providing a Single Sign-On experience to users.”

In a single sign-on (SSO) service model users log onto a single platform which gives them automatic log-in access to multiple applications for a particular period of time.  When utilizing SSO systems users only need to present one set of credentials, rather than learning or remembering separate credentials for each application.

While the main focus of these tools is on providing access for employees to cloud services, KuppingerCole also looks for support for other groups of users such as business partners and customers, for mobile users, and for downstream SSO back to on-premise applications. Formerly, KuppingerCole referred to this market segment as “Cloud User and Access Management”.

KuppingerCole has also released Leadership compass reports on IDaaS for B2E and IDaaS Digital.

Four vendors lead the way

In the Overall Leaders section of the report, which combines scores across all other sections, four vendors lead the pack. Microsoft leads the way, with a slight lead, followed by Okta, Ping Identity and Centrify. Microsoft held the lead largely due to its position as a clear market leader, thanks to a strong customer base derived from traditional Active Directory deployments, Office 365, and Azure, KuppingerCole says.

The other three leaders, Okta, Ping, and Centrify, are all noted for providing strong offerings in IDaaS SSO, with Centrify noted as the leading supplier of IDaaS SSO solutions. Okta was praised for their well thought-out approach to cloud Single Sign-On, which includes integrated support for strong authentication as well as integrated mobile management features. Ping was praised for good integration with on-premises environments. As noted, Centrify was named as the leading supplier of IDaaS SSO solutions and was praised for its strong mobile management features.

Tight race in product innovation

While just a few vendors led in the overall category, the report’s product innovation section paints another picture, with 12 vendors regarded as ‘Innovation Leaders.’ According to KuppingerCole, innovation is a key capability in IT market segments, as it’s what customers need to keep up with the constant evolution of threats and compliance requirements

For their assessment, KuppingerCole defines innovation not as the delivery of a constant flow of new releases, but as a customer-oriented upgrade approach, “ensuring compatibility with earlier versions especially at the API level and on supporting leading-edge new features which deliver the emerging customer requirements.”

When looking at Innovation Leadership, Centrify is slightly ahead of other vendors, a placement that KuppingerCole based on strong mobile support and PIM capabilities, as well as good integration to on-premise environments. Microsoft, Okta, and Ping Identity, also place near the top of the innovation leaders segment.

Download the full KuppingerCole Leadership Compass—IDaaS: Single Sign-On to the Cloud report here. 

Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff