What’s Changed: Gartner’s 2016 Identity and Access Management as a Service (IDaaS) Magic Quadrant

2016 Gartner Magic Quadrant Identity and Access Management as a Service - IDaaSAnalyst house Gartner has released the latest iteration of its annual identity and access management as a service (IDaaS) Magic Quadrant (MQ) report.

In the 2016 MQ for IDaaS, Gartner evaluates the strengths and weaknesses of 14 vendors that it considers most significant in the IDaaS market, and provides readers with a graph (the Magic Quadrant) plotting the vendors based on their ability to execute and their completeness of vision. The graph is divided into four quadrants: niche players, challengers, visionaries, and leaders. Gartner does not endorse any vendor, product, or service depicted in its research publications.

At Solutions Review, We read the 30-page report and pulled a few of what we considered the most important takeaways and key changes since the 2015 edition.

What is IDaaS? 

Before jumping into the big changes in this iteration of the report, we should probably clarify exactly what Gartner analysts mean when they talk about Identity and Access Management as a Service, or IDaaS.

According to Gartner’s analysts, “a vendor in the IDaaS market delivers a predominantly cloud-based service in a multitenant or dedicated and hosted delivery model. The service brokers a set of functionality across multiple IAM functions — specifically, identity and governance administration (IGA), access enforcement, and analytics functions — to target systems on customers’ premises and in the cloud.”

The 2016 IDaaS MQ report rates vendors on the ability to be “general purpose” identity and access management (IAM) service providers with a variety of use cases; in order to be ranked, vendors must have functionality in IGA, access, and identity log monitoring and reporting.

A Market Poised for Exponential Growth, With Cloud-Native Vendors Leading the Way

It’s common knowledge that companies and governments around the world are seeing increased value in IAM Solutions. For example, 93% of European IT security leaders plan to maintain or  increase spending on IAM in the next three years, according to a recent study.

For their part, Gartner predicts that 40% of identity and access management (IAM) purchases will use the identity and access management as a service (IDaaS) delivery model by 2020, up from just 20%  in 2016.

Web-centric IDaaS leads the market in terms of customer acquisition, and Gartner estimates that up to 95% of client interactions on the topic of IDaaS “indicate a need for web-centric solutions to support B2E SaaS target system integration and consumer-facing and consumer use cases.” Meanwhile, just ten percent of those client interactions show a need for full-featured legacy IDaaS systems.

Two Flavors of IDaaS Dominate the Market

As in previous years, Gartner’s analysts have found that the IDaaS market  is “roughly split between two styles of offerings,” web-centric IDaaS, and legacy, full-featured IDaaS providers.

While legacy vendors usually offer robust capabilities, their solutions can be difficult to implement and maintain. On the other hand, web-centric vendors offer solutions that are easier to implement and use, but which may not offer the same degree of capabilities, especially in terms of IGA and integration with legacy systems.

However, in the coming years, Gartner predicts a blurring of the lines between these two distinct market segments, as web-centric IDaaS providers continue to move up-market and offer IGA features that meet the expectations of most organizations.

‘Leaders’ Quadrant Gets Crowded

In 2015, the ‘leaders’ quadrant of Gartner’s graph featured just one vendor. Flash forward to 2016, and the field has become considerably more crowded, as two vendors enter the fray, with one of them surpassing the incumbent vastly in terms of ‘completeness of vision.’ So, what happened?

Looking at the 2015 MQ, it’s apparent that there was a considerable consolidation of vendors into the ‘visionaries’ quadrant. This year, two of those vendors have passed the threshold into leaders territory, while others have moved up to the point that they are nearly straddling the line. This change leads me to believe that Gartner is reflecting the increasing capabilities of web-centric IDaaS vendors, and the market change in general in their scoring.


Now watch this: 

Jeff Edwards
Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff