ad hoc study
Identity and Access Management (IAM) is still largely deployed on-premise rather than in the cloud, despite this solution is growing in relevance. Many players — such as Dell, IBM, NetIQ and Oracle — are not even directly offering cloud IAM services. Instead, they sell IAM software, which can be hosted by a customer or a SaaS provider in their own data centres and deployed as a private cloud solution. There is a clear customer’s tendency to choose hybrid deployments, which consist of an on-premise IAM solution and a cloud Single Sign On (SSO) service. Indeed, partnerships and collaborations among IAM and cloud SSO players are quite popular in order to address the full IAM needs of enterprise customers.
This results from a recent InfoCom study carried out on different elements of the offers for security services for a large number of providers worldwide. The research also highlighted the price strategies, SLAs and go-to-market models of the different providers. The analysis also illustrates how security be the main challenge confronting cloud IAM services, especially after privacy breaches witnessed recently. Largely because of security and hosting issues, InfoCom expects that hybrid deployments will still be prevalent over the next coming years.
Current cloud IAM offers in the market consist of two fundamental elements: provisioning and access governance. Provisioning permits to automate the management of identities and their synchronisation with the applications, allowing also user’s self-registration: this reduces the intervention of IT administrators and facilitates access certification to all applications. Access governance features, instead, involve the processing and certification of user access, implementation of approval workflows and Segregation of Duties (SoD), user entitlements and access policies, as well as review, remediation and removal of orphan accounts. Key offer elements are the ease-of-use of the interface, flexibility and granularity of the different options and features as well as the availability of various standard reporting options.