Published by Alyson Hood. Modified over 6 years ago.

WEBINAR
B2E Cloud IAM Forrester Wave™: What’s Hot And What’s Not?
Andras Cser, Vice President, Principal Analyst
Merritt Maxim, Senior Analyst
November 12, Call in at 10:55 a.m. Eastern time

Access anywhere, anytime

Authentication is a difficult balance
- Operational efficiency
- Asset security
- Customer satisfaction
Image source: Property Manager and Smiley Faces

Digital operational excellence
It’s not an “or” but an “and” relationship between customer experience and operational excellence.
Digital operational excellence + Customer experience
Image source: Wikimedia Upload and PDPics.com

B2B relationships enable the firm

IAM plays a paramount role
- Website login
- Password recovery
- Master data management
- Preferences management
- Customer experience

Cloud IAM (IDaaS) reduces complexity and cost
- Allows for managing employee identities across cloud environments
- Limits complexity of IAM solutions
- Reduces license and ongoing maintenance costs
- Supports legacy apps on-premises, as well as for SaaS
- Supports SSO from and on mobile devices
Image source: Wikimedia Upload

IDaaS flavors
On-premises (MSSP) background
- IBM
- Microsoft
- Ping Identity
Born in the cloud
- Bitium
- Centrify
- Okta
- OneLogin
- Salesforce
- SailPoint Technologies
Image source: Pixabay

Forrester Wave™ evaluation: inclusion criteria
- Productized solution
- True multitenant SaaS B2E cloud IAM offering
- Authentication against on-premises AD
- At least $1 million B2E cloud IAM solution revenues in
- At least 40 paying customer organizations in production
- Mindshare with Forrester’s customers on inquiries
- Mindshare with other B2E cloud IAM competitive vendors

The Forrester Wave™: B2E Cloud IAM, Q2 2015

Forrester Wave™ evaluation: current offering
- User directory support
- Access management policy administration
- User account provisioning policy administration
- End user self-service from the solution’s web portal
- End user self-service from the solution’s mobile application
- API security and solution APIs
- Reporting and scalability

Forrester Wave™ evaluation: strategy
- Future product development and market plans
- Customer satisfaction
- Security implementation service and OEM partnerships
- Development, sales, and technical support staffing
- Pricing flexibility and transparency
- Customer reference scale and coverage

Forrester Wave™ evaluation: market presence
- Revenue
- Installed base
- Vertical and geographic presence of the cloud IAM solution

SSO portal, SAML, and mobile access are table stakes
All vendors provide the following features:
- Employee portal to log employees into SaaS apps.
- Optional on-premises agent.
- SAML SSO and single sign-out.
- Native iOS and Android mobile app for login.
- 2FA mobile app.

Forrester Wave™ evaluation: high-level results
- OneLogin and Okta lead the pack.
- Centrify, Microsoft, SailPoint Technologies, Salesforce, Ping Identity, and IBM offer competitive options.
- Bitium lacks a broad installed base but has potential.

The Forrester Wave™: B2E Cloud IAM, Q2 2015

Vendor profile: OneLogin
Strengths
- User directory configuration and integration
- Access management policy administration
- End user self-service from the portal
Weaknesses
- Provisioning policy administration
- No own MDM solution

Vendor profile: Okta
Strengths
- Simplicity
- Large installed base
- User directory integration
- End user self-service from the mobile interface
- Own MDM
Weaknesses
- Reporting and scalability
- User account provisioning and policy management

Vendor profile: Centrify
Strengths
- End user self-service from the mobile application
- Own MDM
- Nice dashboards
Weaknesses
- No user provisioning for on-premises apps
- No attestation
- No workflow

Vendor profile: Microsoft
Strengths
- Policy administration
- Bundled own MDM (Intune)
- Nice end user interface and mobile app
- Large SI ecosystem and internal development force
- FIM bundled
Weaknesses
- No access recertification
- End user self-service portal
- No end user management of own experience
- No ad hoc report definitions

Vendor profile: SailPoint Technologies
Strengths
- End user customization of the SSO portal
- System administration policy management for attestation campaigns for SaaS and on-premises apps
Weaknesses
- Admins can’t create ad hoc reports.
- No way to limit who can see what report
- Customer satisfaction: “meets expectations”
- Weak SI ecosystem

Vendor profile: Salesforce
Strengths
- Solution is free or at a discount to clients.
- Access policy and detailed provisioning policy management
- Workflow
Weaknesses
- More complex interface than other solutions
- Small development team
- Small customer base

Vendor profile: Ping Identity
Strengths
- Strong SI partner ecosystem
- Large developer base
- Great penetration in communications, high-tech, and finserv verticals
- Broad deployment coverage
Weaknesses
- PingOne requires bundled PingFederate and PingAccess for certain use cases.

Vendor profile: IBM
Strengths
- Lighthouse Gateway has powerful policy management (based on ISAM).
- Coverage of on-premises apps
Weaknesses
- No GUI workflow
- Mobile app is behind other vendors.

Vendor profile: Bitium
Strengths
- Lots of potential
- User customization of the portal
Weaknesses
- Lacks provisioning policy administration capabilities compared with other vendors
- Lacks access management policy authoring capabilities compared with other solutions
- No MDM or 2FA
- Reporting lags
- Install base is small.
Image source: Trace One (http://www.traceoneview.com/)

Vendors’ future plans
- Extended support for both cloud and on-premises applications
- Built-in support for attestation campaigns
- Access request management interfaces and workflow
- User store support for IaaS workloads
- EMM capabilities

Ten commandments of modern identity management — thou shalt support:
- A lot of endpoints: on-premises and cloud apps, and directories and SCIM.
- Customizable and flexible workflow.
- Mobile application for reviewers and requestors.
- Shopping cart in access request management.
- Access information-aided attestation.
- Bulk access reviews.
- Cloud (true multitenant) and on-premises delivery options.
- A slick user interface for business users and admins.
- Customer-facing IDM tasks out of the box.
- Ad hoc reporting and clickable dashboards.
- +1: Customers’ requirements

Ten commandments of modern access management — thou shalt support:
- In-line, network, and protocol-level behavioral intelligence before authentication.
- Device fingerprinting built into access control.
- Risk-based and context-aware authentication with machine learning models.
- Web and mobile application SSO-blended: session transfer.
- 2FA supporting FIDO (UAF and U2F) and biometrics on an as-needed basis.
- Continuous authorization-based applications’ entitlements’ risk.
- Federation (SAML), OAuth, and OpenID Connect.
- Easy embedding into the secure payment ecosystem.
- Cloud IaaS readiness.
- Support for open source packages.
- +1: Customers’ requirements

Forrester’s people and process recommendations for IAM
- Present your case to the LOB, CMO, and CDO people for why CIAM is not employee IAM.
- Present your business case to IT security on B2E IAM.
- Hammer out agreement on formal levels of risk.
- Map tasks and channels to the formal levels of risk.
- Use the Forrester IAM maturity assessment.
- Seek the highest security maturity scores for the most important tasks and channels.
Image source: Salary.com

Andras Cser
Merritt Maxim