Identity and access management as service, or IDaaS, is the delivery of Identity and access management solutions as a service via the cloud in a multitenant or dedicated model. IDaaS solutions deliver core identity governance, access, and intelligence capabilities to customers systems, both on-premise and in the cloud.
In its early days, IDaaS market growth was driven by small and midsized businesses that looked to cloud-based SaaS delivery models to simplify their application deployment and usage.
Since then, IDaaS functionality has improved at a rapid pace, and today many cloud-based vendors can deliver the same functionality expected from traditional full-featured, on-premises IAM stacks.
And it’s common knowledge that companies and governments around the world see increased value in IAM Solutions. For example, 93% of European IT security leaders plan to maintain or increase spending on IAM in the next three years, according to a recent study.
Gartner analysts predict that by 2020, 40 percent of IAM purchases will use the IDaaS delivery model, a two-fold increase from less than 20 percent today. Perhaps more important is that 40 percent of those IDaaS implications will entirely replace on-premises IAM implementations, according to Gartner. The future, it seems, is in the cloud.
In that spirit, we’ve turned our gaze to the future of IDaaS. Whether its inclusion in the most recent Gartner Magic Quadrant, the release of an impressive new tool, a trail of acquisitions, or the securing of a new round of funding, these are the top seven IDaaS vendors we are keeping our eye on for 2017 and beyond:
Centrify’s IDaaS solution offers secure access to cloud and mobile apps via SSO, user provisioning, mobile device management (MDM), and multi-factor authentication (MFA) capabilities, and is also compatible with Active Directory (AD).
Centrify is particularly notable for its integrated MDM capabilities, which are some of the strongest in the market and match the capabilities of many MDM vendors. Centrify also boasts easy-to-use dashboards and strong reporting capabilities, with nearly 50 out of the box reports, as well as a SaaS Privileged Identity Management (PIM) solution, making Centrify a reliable choice for organizations with BYOD policies looking to simplify MDM, IAM and PIM simultaneously.
Okta’s IDaaS offering boasts one of the fastest growing customer bases in the market and the funding to match—the company has reached “unicorn” levels of funding in recent years.
The Okta identity management service provides directory services, SSO, strong authentication, provisioning, workflow, and reporting, all delivered as a multitenant IDaaS though some components reside on-premise. Aside from standard IDaaS capabilities, Okta also provides MDM and phone-as-a-token authentication capabilities. Okta features a broad partner ecosystem but lacks slightly in reporting capabilities. Okta opened an EU-based data center in 2015, making the company an ideal IDaaS solution for small to midsized businesses on either side of the Atlantic.
California-based OneLogin provides an on-demand IDaaS solution consisting of single sign-on, multi-factor authentication, directory integration, user provisioning, and a catalog of pre-integrated applications. OneLogin is provided via a multitenant architecture and provides robust capabilities and support for access management policy administration, user directory integration, and end-user self-service. As major proponents of the OpenID Native Applications Working Group (NAPPS), OneLogin has taken a standards-based approach to application integration and established itself as a thought leader in the field of authentication.
OneLogin makes an excellent IDaaS solution for organizations of any size looking for powerful SSO, directory, and MFA capabilities.
The Ping Identity Platform is a multi-tenant, web-centric IDaaS offering that provides secure single sign-on from any device and provides administrators with a single dashboard from which they can manage user access to all applications. Ping Identity Platform comes bundled with PingFederate, a federation service supporting all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth and OpenID Connect, and PingAccess for managing policies on both applications and APIs. Platform customers can use a lightweight self-services bridge component to integrate with AD, Google, or with one of many SaaS provisioners
Ping delivers this technology as a solution to manage partner employee identities, as well as customer identities through its recent acquisition UnboundID.
With its cloud-based Identity-as-a-Service (IDaaS) solution, California-based Bitium aims to give customers strong security capabilities including single sign-on (SSO), app management, and analytics tools, all without sacrificing ease-of-use. Bitium’s SSO app allows users to access over 1,000 cloud-based apps and lets administrators to provision (and de-provision) application access without sharing passwords. Though Bitium shows strong capabilities in SSO and analytics, the platform doesn’t currently feature two-factor authentication (2FA) or mobile device management (MDM), capabilities, and lacks customizable reports. Nonetheless, Bitium makes a powerful point solution for organizations looking for SSO and analytics.
Netherlands–based iWelcome offers an open-source based IDaaS solution that includes authentication, SSO, federation, self-service registration and user provisioning capabilities for both on-premise and cloud applications, all delivered via a dedicated single-tenant delivery model that allows for massive customization and white-labeling. iWelcome is an ideal candidate for large, EU-based, enterprise organizations looking for an IDaaS solution that will meet complex business requirements and use-cases, as well as regulatory data residency requirements.
The most well know brand on our list, Microsoft made its first foray into the IDaaS market with the May 2014 release of its new Azure Active Directory (AAD) Premium service and the technology giant has already made a large impact on the market. AAD offers comparable capabilities to other IDaaS offerings and includes access to Microsoft Identity Manager products for use with on-premise systems. AAD makes a strong choice for enterprise customers deeply familiar with Microsoft’s ecosystem, or who already use Microsoft’s Azure cloud PaaS service. However, customers looking for deep CIAM (B2C) and user provisioning capabilities should beware, as Microsoft has yet to catch up to the competition in these regards.