A lot has changed in the two years since we last examined the identity and access management (IAM) market. Some vendors have disappeared. New ones have emerged. The once-great security giant Symantec is now a division of Broadcom. Idaptive, too, is gone, acquired by Cyberark.
The big trends, though, remain the incorporation of behavior analytics and zero trust. These technologies have become an increasingly important part of access management products. And of course, the work-from-home (WFH) movement has put even greater pressure on access security. We’ll discuss the top solutions in depth, along with important trends in identity management and features to look for in IAM products.
Twingate helps fast-growing companies easily implement a Zero Trust secure access solution without compromising security, usability, or performance. We believe that “Work from Anywhere” should just work. Twingate’s secure access platform replaces legacy VPNs with a modern Identity-First Networking solution that combines enterprise-grade security with a consumer-grade user experience. It can be set up in less than 15 minutes and integrates with all major cloud providers and identity providers.
Learn more about Twingate
For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors. Expose blind spots. Paralyze attackers. Minimize downtime. Semperis.com
Learn more about Semperis
ADManager Plus is a unified AD, Exchange, Teams, Google Workspace, and Microsoft 365 management solution to simplify tasks such as provisioning users, cleaning up stale accounts, and managing NTFS and share permissions. It offers 200 built-in reports, including reports on inactive user accounts, Microsoft 365 licenses, and users’ last logon times. You can build a custom workflow for ticketing and compliance, delegate tasks to technicians, automate AD tasks such as restore and backup AD objects.
Learn more about ManageEngine ADManager Plus
A PAM solution that gives system administrators complete visibility into each endpoint’s access privileges. With this convenient setup, admins are able to view user requests, check request history, block elevations, and approve or decline escalation requests on the go from either the dashboard or mobile app. Enable Zero-trust execution or revoke local admin rights with a simple click. This effectively stops malicious insider threats from taking over your network and boosts your security.
Learn more about Heimdal Security
Dashlane offers features like SSO, password sharing, and directory integration to help you safely manage passwords for your business. Securing your company’s data starts with each individual employee. It’s why we designed Dashlane to be easy for you to deploy and simple for your team to use—no matter how tech savvy they are.
Try Dashlane Business for free
Learn more about Dashlane
With more users than ever accessing applications remotely, limiting access for remote employees, partners, and customers has become as complicated as it is critical. A static single sign-on (SSO) or multi-factor authentication (MFA) product isn’t going to cut it at the enterprise level, where the cost of a breach is high. Those costs can include lost data, stolen intellectual property, damaged customer trust and reputation, incident response costs, downtime, and steep fines from compliance regulations like GDPR and CCPA if personally identifiable information (PII) is involved.
The best IAM solutions incorporate the concept of zero trust, giving users only the access they really need, and use artificial intelligence to identify anomalous behavior that could indicate a breach or stolen credentials.
Most IAM products offer the following features:
In most cases, the identity and access functions are combined into one application. The identity management side is all about the creation, administration, and deployment of identifiers, credentials, and attributes. Access management, on the other hand, focuses on the control of permissions assigned to users and evaluating those permissions against identity whenever information access is requested.
Gartner sees the IAM market eventually becoming about decentralized identity. Instead of a user-focused system of identity and verification, an “identity trust fabric” will provide a layer of security between users and applications. That evolution will take time, however, as it is based on Blockchain technology and tied to the emerging concept of the cybersecurity mesh, itself an evolving strategy that attempts to tie together the vast distributed networks and resources of enterprises into a centralized policy management and orchestration layer. For more on these concepts, see Cybersecurity Mesh, Decentralized Identity Lead Emerging Security Technology.
For now, identity is already being tied into more advanced cybersecurity strategies like zero trust, microsegmentation and behavioral analytics. Identity is no longer a static concept, and IT buyers should look for IAM solutions that reflect that complexity and offer a roadmap to the future.
See also: Best Privileged Access Management (PAM) Software and Top Network Access Control (NAC) SolutionsCisco’s acquisition of Duo Security in 2018 gave the networking giant a strong presence in both IAM and zero trust. With its Tetration microsegmentation technology, SD-Access fabric and Identity Services NAC solution, Cisco may be the only vendor to span IAM, zero trust, microsegmentation and network access control. The company’s broad portfolio makes it uniquely positioned to be a leader in the evolving access management and zero trust market.Okta has long been a leader in access management, authentication and single sign-on. With a simple and easy-to-manage SaaS-based approach, Okta offers users a way to implement IAM and zero trust without a lot of complexity. Behavioral tracking is a plus, and the product offers a number of authentication options, including multi-factor, single sign-on and biometric. Okta is one of the easiest paths to zero trust and advanced identity management.Another perennial on our list, Ping Identity offers a range of access management solutions: software, cloud-based, hybrid, enterprise-grade and passwordless are among the options. The Ping lineup gets solid marks just about everywhere, and the company’s continuous development efforts ensure that it will be a contender for a long time. Ping has an option for just about everyone.Twingate helps fast-growing companies easily implement a zero trust secure access solution without compromising security, usability, or performance, saying that “Work from anywhere should just work.” Twingate says its secure access platform replaces legacy VPNs with a modern Identity-First Networking solution that combines enterprise-grade security with a consumer-grade user experience. It can be set up in less than 15 minutes and integrates with all major cloud providers and identity providers.Acquired from Idaptive in 2020, CyberArk offers SSO, MFA, and identity lifecycle management across workforce, third-party, endpoints, mobile devices and consumer users. Behavior analytics set a baseline for users and can trigger alerts and access changes when anomalous behavior is detected. The IAM solution gets solid marks for capabilities, value, ease of deployment, and support. It’s one of the best products on the market for adaptive access control.For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors while exposing blind spots.Oracle has put together a strong identity and access management product suite spanning the cloud and on-premises. The context-aware access products integrate with a wide range of applications, servers and systems, including custom applications. It gets high marks for ease of deployment, authentication and access management, single sign-on and support, and user perceptions of value are above average.IBM Security Verify Access users are generally happy with the solution’s capabilities. The software product generally offers greater functionality than the SaaS product, but IBM gets solid marks across the board from users, even on price, where it ranks in the top half of IAM products. Its advanced features are also highly regarded by users.OneLogin is a remarkably well-balanced product, with ease of use and deployment and capabilities all strong. Onboarding and offboarding are quick, and the IAM product boasts more than 6,000 application integrations and endpoint functionality too. The product offers a solid value, with some users reporting flexibility in pricing.CyberRes, a Micro Focus line of business, provides NetIQ Identity and Access management. Its adaptive identity-centric approach offers an integrated platform for identity, access, and privilege management.Micro Focus features
eSecurity Planet Editor Paul Shread contributed to this report
Top Cybersecurity Companies
See full list
eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.
Advertise with TechnologyAdvice on eSecurity Planet and our other IT-focused platforms.
Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.