the forrester wavetm - identity management and governance - q2-2016 - res116325

7/25/2019 The Forrester WaveTM - Identity Management and Governance - Q2-2016 - RES116325

http://slidepdf.com/reader/full/the-forrester-wavetm-identity-management-and-governance-q2-2016-res116325 1/16

The Forrester Wave™: Identity Management AndGovernance, Q2 2016

The Nine Providers That Matter Most And How They Stack Up

by Merritt Maxim

May 17, 2016

FOR SECURITY & RISK PROFESSIONALS

FORRESTER.COM

Key Takeaways

SailPoint, RSA, And Dell Lead The Pack

Forrester’s research uncovered a market inwhich SailPoint, RSA, and Dell lead the pack. CA

Technologies, Courion, Micro Focus (NetIQ), and

Oracle offer competitive options. IBM and SAP

lag behind.

S&R Pros Are Looking For Usability And

Automation

This market is growing because security

professionals use these solutions to address

key identity-related risks and streamline

operational efficiencies by migrating away from

existing inaccurate, manual, and inefficient

identity processes.

Identity Analytics And Ease Of Administration

Are Key Differentiators

As this market continues to mature, improved

end user interfaces, simplified and flexible

administration, and broader identity analytics will

dictate which providers lead the pack.

Why Read This Report

In our 17-criteria evaluation of identity

management and governance providers, weidentified the nine most significant ones — CA

Technologies, Courion, Dell, IBM, Micro Focus

(NetIQ), Oracle, RSA, SailPoint, and SAP — and

researched, analyzed, and scored them. This

report shows how each provider measures up and

helps security and risk professionals make the right

choice for managing and governing user access.



2

5

7

12

© 2016 Forrester Research, Inc. Opinions reflect judgment at the time and are subject to change. Forrester®,Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of ForresterResearch, Inc. All other trademarks are the property of their respective companies. Unauthorized copying or

distributing is a violation of copyright law. [email protected] or +1 866-367-7378

Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA

+1 617-613-6000 | Fax: +1 617-613-5000 | forrester.com

Table Of Contents

IMG Is Indispensable For Security,

Productivity, And Efficient Operations

Technical Complexity Can Delay Deployment

And Increase Administrative Difficulty

Identity Management And Governance

Evaluation Overview

Evaluated Vendors And Inclusion Criteria

Vendor Profiles

Leaders

Strong Performers

Contenders

Supplemental Material

Notes & Resources

Forrester conducted lab-based product

evaluations in February 2016 and interviewedseven vendors: CA Technologies, Courion, Dell,

Micro Focus (NetIQ), RSA, SailPoint, and SAP.

Related Research Documents

Build Your Identity And Access Management

Strategy

Making The Business Case For Identity And

Access Management

TechRadar™: Identity And Access Management

(IAM), Q1 2016


The Forrester Wave™: Identity Management And Governance,Q2 2016


by Merritt Maximwith Stephanie Balaouras, Andras Cser, Salvatore Schiano, and Peggy Dostie

May 17, 2016

http://www.forrester.com/go?objectid=RES61627






http://www.forrester.com/go?objectid=BIO9125















The Forrester Wave™: Identity Management And Governance, Q2 2016

May 17, 2016

© 2016 Forrester Research, Inc. Unauthorized copying or distributing is a violation of copyright law.

[email protected] or +1 866-367-7378

2


IMG Is Indispensable For Security, Productivity, And Efficient Operations

Identity management and governance (IMG) solutions give security and risk (S&R) pros the ability to

provision all users with the appropriate level of access to critical applications and systems, therebyminimizing the risk of users with excessive privileges or orphan accounts which hackers frequently

target to exfiltrate sensitive data. Comprehensive IMG platforms provide functionality such as user

account provisioning, delegated administration, role management, access request management, user

self-service, and access certification. They also provide reporting for on-premises, custom, and SaaS

applications. With an IMG platform, S&R pros can:

› Minimize the risk of data breaches. Public disclosures of large-scale data breaches have

become a daily occurrence. Since the majority of data breaches continue to occur as a result of

compromised credentials, over-privileged users, stale or orphan accounts, and segregation of duty

(SoD) violations, more than ever, security teams need strong, auditable processes for ensuring that

users have not accumulated unnecessary access rights during their job tenure.1 Security teams

that fail to invest in robust processes for managing user access to systems and data are increasing

their firm’s risk of a data breach.

› Improve end user productivity. In today’s highly distributed and complex organizations, it’s not

uncommon for new hires to wait days or weeks for technology management to grant them access

to systems and applications for their jobs. These delays only frustrate end users and decrease

productivity. The ability to automate and centralize the process by which users can request and

gain access to applications can yield significant employee benefits in both user satisfaction and

productivity. This in turn can help keep employee attrition low and enable your workforce to

function at an optimal level.2

However, this also means that vendors optimize IMG solutions forbusiness, not just technical users.

› Deliver operational efficiencies. Today’s digital workforce requires access to an increasingly

diverse set of data and applications. Managing and monitoring this access can be an

administrative nightmare as S&R pros struggle to both maintain consistency across environments

and mollify frustrated users who can’t access quickly and efficiently the systems needed for their

job. IMG solutions alleviate administrative headaches for managing and granting user access to

applications by providing a centralized platform with workflow, delegated administration, analytics,

and reporting to ensure that technology management grants access efficiently and within defined

business rules and policies.

Technical Complexity Can Delay Deployment And Increase Administrative Difficulty

Many IMG vendors have built up their IMG portfolios through acquisition during the past 10-plus years

(see Figure 1 and see Figure 2). While vendors made these acquisitions to accelerate time-to-market,

integrating these components takes time and can lead to multiple interfaces and complexity, resulting

in longer deployment periods and increased administration. These so-called acquisition architectures

may also lack flexibility to adjust to new requirements such as SaaS or mobile.





May 17, 2016



3


In addition, IMG requirements have expanded beyond provisioning and creating an account in a

target system like Active Directory. While user provisioning is increasingly a capability of most IDaaS

offerings, these cloud offerings are not as mature in other core identity areas such as role management

or access certification for on-premises apps, making it challenging for security teams that are facing a

cloud-first mandate to migrate their IMG infrastructure to SaaS.3 S&R pros considering investment or

reinvestment in this space should consider how these solutions currently support new requirements

such as:

› Prioritizing flexible and responsive user interfaces optimized for business users. Traditionally,

IMG resided primarily within the purview of technology management. Even for technical staff,

IMG solutions were hard to work with, and security pros often had to spend nine to 12 months

to customize these solutions to achieve the most basic access request approval workflows. New

requirements in access request management and access governance mean that business users

will increasingly interact with IMG solutions. These business users place a premium on easy-to-useinterfaces as well as support for performing functions on mobile devices. Security teams should

prioritize business user experience when evaluating solutions; friendlier interfaces will result in

faster deployment times and quicker adoption.

› Managing the identity life cycle for SaaS environments. IMG solutions initially focused on

supporting the identity life cycle for on-premises client/server applications and have built up

broad support for most commonly used commercial applications. However, as digital businesses

increasingly adopt SaaS apps such as Concur, Office 365, Salesforce, and ServiceNow, security

teams must maintain the same centralized, policy-based approach for managing and governing

the identity life cycle. While the IMG vendor ecosystem has added support for a range of common

SaaS apps, functionality beyond core provisioning can be inconsistent. S&R pros should place apremium on a given vendor’s support for SaaS apps to ensure broadest possible coverage and

strongest business value.

› Delivering robust identity analytics to identify anomalous user behavior. Although IMG

solutions serve as an important resource of valuable identity information, many security teams have

not leveraged this identity data to its fullest effect, as identity data was often exported to a SIM

or another analytics tool. Going forward, IMG solutions will provide the foundation for capturing

and detecting potentially suspicious user activity and using that data to feed into dashboards and

remediation. S&R pros should evaluate the ability to collect and perform such analysis natively in

the IMG platform even if behavior analytics is not on your short-term priority list.

› Providing a risk-centric view of users, apps, and entitlements to mitigate identity risk. IMG

solutions collect and manage a wide range of data around usage, approvals, and workflow, but

security teams don’t always fully leverage this data, if at all. S&R pros can use this data to identify

segregation of duty (SoD) violations and to prevent the fulfillment of certain requests. Today,

S&R pros want risk-scoring models out of the box that they can customize to their firm’s specific





May 17, 2016



4


identity, application, and data risk. Such configurable models can deliver great value, especially

when onboarding new apps or users, which is why S&R pros should evaluate individual risk-scoring

type capabilities.

FIGURE 1 Identity Management And Governance Acquisition Timeline

IdM1logic

June 2015

IDFocus

Oct. 2008

Netegrity, Oct. 2004

SecureReset

Nov. 2015

EMC, Oct. 2015

Dell

Courion

CA

Technologies

Eurekify

Nov. 2008

Xceedium

July 2015

Bay31

May 2015

Core Security

Dec. 2015

Quest, July 2012

(BiTKOO, 2011)

(Voelcker Informatik, 2010)

(RSA, 2006)

(Aveksa,

2013)

(Business Layers, 2004)

2002 Present

Note: This figure is meant to be representative of the identity management and governance

acquisitions over the past five years only for vendors included in this Forrester Wave. Acquisitions

made outside core identity management solutions are not shown. Timeline is not to scale.

Lighthouse Security

Aug. 2014

Access360

Sept. 2002

IBM

CrossIdeas

July 2014





May 17, 2016



5


FIGURE 2 Identity Management And Governance Acquisition Timeline Continued

Attachmate, Sept. 2014

Aveksa

July 2013

Note: This figure is meant to be representative of the identity management and governance

acquisitions over the past five years only for vendors included in this Forrester Wave. Acquisitionsmade outside core identity management solutions are not shown. Timeline is not to scale.

SAP

RSA

Micro Focus

(Net IQ)

2002 Present

(NetIQ, 2006)(Novell, 2010)

Oblix

Mar. 2005Sun, Jan. 2010

Oracle

Thor

Nov. 2005

(Waveset, 2003)

(Vaau, 2007)

Whitebox Security

July 2015

Beacon PS

Feb. 2011

Cloudmasons

May 2012

SailPoint

BMC Control SA

Mar. 2011

Identity Management And Governance Evaluation Overview

To assess the state of the identity management and governance market and see how the vendors

stack up against each other, Forrester evaluated the strengths and weaknesses of top IMG vendors.

After examining past research, user need assessments, and vendor and expert interviews, we

developed a comprehensive set of evaluation criteria. We evaluated vendors against 17 criteria, which

we organized into three high-level buckets:

› Current offering. We evaluated the ability of IMG solutions to deliver the following capabilities out

of the box: 1) user account provisioning; 2) role management; 3) access request management; 4)

access certification; 5) integration and APIs; 6) reporting and scalability; 7) administration; and 8)

overall solution complexity.





May 17, 2016



6


› Strategy. We evaluated: 1) the vendor’s IMG strategy and vision; 2) total complexity to implement

the solution; 3) pricing terms and flexibility; 4) customer satisfaction; and 5) breadth of the vendor’s

partner ecosystem.

› Market presence. We evaluated: 1) development, sales, and technical support staffing; 2) the size of

the IMG installed base; 3) product line and revenue; and 4) global presence (verticals and geographies.

Evaluated Vendors And Inclusion Criteria

Forrester included nine technology providers in the assessment: CA Technologies, Courion, Dell, IBM,

Micro Focus (NetIQ), Oracle, RSA, SailPoint, and SAP. Forrester also invited Hitachi-ID, IBM, Omada,

Oracle, and Microsoft, but these vendors declined to participate. Due to the volume of client inquiries

and their market presence, Forrester included IBM and Oracle as nonparticipating vendors in this

assessment. Each included vendor has (see Figure 3):

› A productized and publicly announced identity management and identity governance

offering. Participating vendor needed to have its own internally developed (not an OEM or resell)

IMG solution that supports the installation of the IMG policy administration console on-premises.

› At least $20 million in annual IMG license revenue over the past four fiscal quarters. The

vendor should have at least $20 million in true annual IMG license revenues. Hosted IMG solutions

do not count against this number.

› At least 50 paying customer organizations in production. The vendor’s IMG offering should

have at least 50 paying customer organizations in production at the cutoff date.

› A mindshare with Forrester’s clients during inquiries. Clients should mention the vendor’s namein an unaided context (“We looked at the following vendors for IMG”) during Forrester’s inquiries

and other interactions.

› A mindshare with other IMG competitive vendors. When Forrester asks other vendors about

their competition on briefings, inquiries, and other interactions, other vendors should mention the

vendor as a real competitor in the IMG market space.





May 17, 2016



7


FIGURE 3 Evaluated Vendors: Identity Management And Governance Information And Selection Criteria

Vendor

CA Technologies

Courion

Dell

Micro Focus (NetIQ)

RSA

SailPoint

SAP

Product evaluated

CA Identity Suite 12.6.07

Courion Access Assurance Suite

Dell One Identity Manager 7

Identity Manager 4.5, Access Review 1.5,SecureLogin 8.1, Identity Tracking 1.1, DRA 9.0

RSA Via Lifecycle and Governance 7.0

IdentityIQ 7.0

SAP Identity Management 8.0, SAP Access

Control 10.1

Inclusion criteria

A productized and publicly announced identity management, role management ,and identitygovernance offering. The vendor should have its own internally developed (not an OEM or resell) IMGsolution that supports the installation of the IMG policy administration console on-premises.

At least $20 million in annual IMG license revenue over the past four1 fiscal quarters. The vendorshould have at least $20 million in true annual IMG license revenues. Hosted IMG solutions do not countagainst this number.

At least 50 paying customer organizations in production. The vendor’s IMG offering should have atleast 50 paying customer organizations in production at the cutoff date.

A mindshare with Forrester’s customers on inquiries. Customers should mention the vendor’s namein an unaided context (“We looked at the following vendors for IMG”) on Forrester’s inquiries and otherinteractions.

A mindshare with other IMG competitive vendors. When Forrester asks other vendors about theircompetition on briefings, inquiries, and other interactions, other vendors should mention the vendor as areal competitor in the IMG market space.

Vendor Profiles

This evaluation of the identity management and governance market is intended to be a starting pointonly. We encourage clients to view detailed product evaluations and adapt criteria weightings to fit their

individual needs through the Forrester Wave Excel-based vendor comparison tool (see Figure 4).





May 17, 2016



8


FIGURE 4 Forrester Wave™: Identity Management And Governance, Q2 ’16

Challengers Contenders Leaders

Strong

Performers

StrategyWeak Strong

Current

offering

Weak

Strong

Go to Forrester.com to

download the Forrester

Wave tool for more

detailed product

evaluations, feature

comparisons, and

customizable rankings.

CA Technologies

Oracle

IBMCourion

Dell

Micro Focus (NetIQ)

RSA

SailPoint

SAP

Market presence

Full vendor participation

Incomplete vendor participation





May 17, 2016



9


FIGURE 4 Forrester Wave™: Identity Management And Governance, Q2 ’16 (Cont.)

C A T e c h n o l o g i e s

C o u r i o n

D e l l

M i c r o F o c u s ( N e t I Q )

R S A

CURRENT OFFERING

User account provisioning

Role management

Access request management

Access certification

Integration and APIs

Reporting and scalability Administration

Overall solution complexity

STRATEGY

IMG strategy and vision

IMG implementation complexity

IMG pricing terms and flexibility

Customer satisfaction

IMG partner ecosystem

MARKET PRESENCE

Development, sales, and technical

support staffing

IMG customer installed base

Product line revenue

Global presence (verticals

and geographies)

F o r r e s t e r ’ s

W e i g h t i n g

50%

13%

13%

13%

13%

10%

10%15%

15%

50%

30%

20%

15%

25%

10%

0%

20%

35%

30%

15%

3.35

4.00

3.00

3.00

4.00

3.00

4.004.00

2.00

2.70

3.00

2.00

4.00

2.00

3.00

3.80

4.00

3.00

4.00

5.00

2.73

3.00

2.00

3.00

3.00

3.00

3.002.00

3.00

3.00

3.00

3.00

3.00

3.00

3.00

2.30

1.00

3.00

2.00

3.00

3.58

3.00

4.00

3.00

3.00

3.00

3.005.00

4.00

4.25

4.00

4.00

5.00

4.00

5.00

3.40

5.00

3.00

2.00

5.00

3.00

3.00

4.00

3.00

2.00

2.00

4.004.00

2.00

3.05

3.00

2.00

4.00

3.00

4.00

3.85

4.00

4.00

3.00

5.00

3.93

3.00

4.00

4.00

4.00

4.00

3.005.00

4.00

4.10

5.00

3.00

4.00

4.00

4.00

3.30

3.00

3.00

4.00

3.00

S a i l P o i n t

S A P

4.68

5.00

5.00

5.00

4.00

4.00

4.005.00

5.00

4.45

5.00

3.00

4.00

5.00

5.00

4.00

3.00

5.00

4.00

3.00

2.58

2.00

4.00

3.00

2.00

2.00

4.003.00

1.00

1.85

2.00

1.00

1.00

2.00

4.00

2.95

1.00

4.00

2.00

5.00

All scores are based on a scale of 0 (weak) to 5 (strong).

Leaders

› SailPoint offers a solid and proven IMG solution. SailPoint is the one remaining IMG pure play

from the 2000s and has built an impressive and large customer install base and broad partnerecosystem to support IMG deployments across all verticals. The solution is less complex than other

solutions evaluated in this Forrester Wave. Customers reported some issues with documentation

and scalability in larger environments. The vendor’s future plans include: 1) management of access

to unstructured data resources; 2) continued user experience enhancements for mobile devices;

and 3) a stateless API integration model based on the SCIM standard.





May 17, 2016



10


› RSA differentiates its IMG strategy with intriguing GRC integration. RSA is integrating its RSA

Via Lifecycle and Governance capabilities (acquired via Aveksa in 2013) with the RSA Archer GRC,

RSA Security Analytics, and RSA’s Advanced Authentication solutions. The solution is much less

complex than other solutions evaluated in this Forrester Wave with simple, flexible, and intuitive

user interfaces. Customers indicated concerns around the pending Dell/EMC merger’s influence

on future IMG support and strategy. The vendor’s future research and development include: 1)

continuous assurance; 2) integrated IAM portfolio with RSA’s strong and risk-based authentication;

and 3) synergy between IAM, security, and GRC.

› Dell has strong global IMG coverage. The EMEA heritage of Dell’s IMG solution (based on

the acquisition of Voelcker Informatik) has given Dell a strong and diverse global customer base

and partner ecosystem. The Dell administrative portal was intuitive and less complex than other

solutions evaluated in this Forrester Wave. Reference customers universally singled out Dell’s

support and service responsiveness. The vendor’s future plans include: 1) extending data accessgovernance to include support for cloud storage applications; 2) the addition of behavioral

analytics capabilities; and 3) the creation of native mobile apps for request and approval supporting

the major platforms (e.g., iOS, Android, Windows).

Strong Performers

› CA Technologies delivers IMG functionality as part of a broad IAM offering. CA has a very

broad IMG platform and connector coverage across on-premises and SaaS environments. The

solution is more complex than other solutions evaluated in this Forrester Wave, with multiple

nonintegrated product interfaces. In customers’ view, CA Technologies needs to do a better job

with customer support and services. CA Technologies has invested over the past 12 months,both through acquisition and in-house development, to improve and streamline the business

user experience. Forrester expects that the vendor’s future plans will include behavioral analytics,

continued user interface improvements, and specific certification campaigns and analytics for

privileged and shared accounts.

› Micro Focus (NetIQ) delivers directory-centric IMG capabilities. Micro Focus (NetIQ) has a

large IMG customer base and strong directory integration capabilities but has not added net new

customers as quickly as other vendors have. Micro Focus (NetIQ) OEMs its role management

capabilities from fellow IMG competitor SailPoint. Customer references expressed concerns

around the vendor’s slow-to-develop cloud strategy. The vendor’s future plans include: 1) business-

user-friendly user interface as a part of a larger focus on ease of use and lowering total cost of

ownership; 2) expanding the vendor ecosystem of system integrators and consultants; and 3)

expanding embedded decision support analytics focused on identity relationships and behavior.

› Courion is re-emerging in IMG with a new team, investors, and strategy. Courion has

changed dramatically in past 12 months: In addition to its management and investor changes, the

company completed three acquisitions. Courion has a strong legacy in password management





May 17, 2016



11


and strong penetration in North American healthcare. Customers have experienced support and

service disruptions recently, but they were optimistic about the company’s strategy and road map.

The vendor’s future plans include: 1) continued enhancements in workflow and business user

experience; 2) enhanced identity analytics; and 3) mobile-based two-factor authentication.

› Oracle has a large IMG installed base and broad application support. Like other IAM suite

vendors, Oracle built its IMG stack through acquisition but has strong platform support and

directory integration. Oracle has a broad global partner ecosystem for IMG. Customers report

issues with scalability and longer-than-estimated deployment times. The vendor’s future plans

include: 1) enhanced business user interface; 2) hybrid identity cloud service; and 3) continued

deployment and life cycle automation.

Contenders

› IBM’s IMG solution is a component of a broader security strategy. IBM has a large installed

base and vendor and partner ecosystem. IBM acquired Italian company CrossIdeas in 2014 to add

to its fledgling role management capabilities. IBM Security Identity Governance and Intelligence

(IGI) combines CrossIdeas and ISIM technology and provides business identity governance

capabilities, in addition to its role management and role mining. Customers report issues with

administrative complexity and product upgrades. The vendor’s future plans include: 1) persona-

based dashboards and reporting enhancements; 2) increased analytics capabilities; and 3) insider

threat analytics with integration to Guardium and QRadar.

› SAP provides powerful capabilities for managing identities within SAP. SAP provides

comprehensive role management capabilities for managing SAP segregation of duty (SoD)

violations and a strong non-North-American customer and revenue base. Customers reported

mixed results with customer support and lengthy implementation times. The solution is much more

complex than other solutions evaluated in this Forrester Wave. The vendor’s future plans include: 1)

enhanced analytics and reporting; 2) creation of deployment packages to speed deployment; and

3) integration with mobile device management solutions.





May 17, 2016



12


Supplemental Material

Online Resource

The online version of Figure 4 is an Excel-based vendor comparison tool that provides detailed product

evaluations and customizable rankings.

Data Sources Used In This Forrester Wave

Forrester used a combination of three data sources to assess the strengths and weaknesses of each

solution. We evaluated the vendors participating in this Forrester Wave, in part, using materials that

they provided to us by January 26, 2016:

› Vendor surveys. Forrester surveyed vendors on their capabilities as they relate to the evaluation

criteria. Once we analyzed the completed vendor surveys, we conducted vendor calls wherenecessary to gather details of vendor qualifications.

› Product demos. We asked vendors to conduct demonstrations of their products’ functionality. We

used findings from these product demos to validate details of each vendor’s product capabilities.

› Customer reference calls. To validate product and vendor qualifications, Forrester also conducted

reference calls with three of each vendor’s current customers.

Engage With An AnalystGain greater confidence in your decisions by working with Forrester thought leaders to apply our

research to your specific business and technology initiatives.

Analyst Inquiry

Ask a question related to our research; a

Forrester analyst will help you put it into

practice and take the next step. Schedule

a 30-minute phone session with the analyst

or opt for a response via email.

Learn more about inquiry, including tips for

getting the most out of your discussion.

Analyst Advisory

Put research into practice with in-depth

analysis of your specific business and

technology challenges. Engagements

include custom advisory calls, strategy

days, workshops, speeches, and webinars.

Learn about interactive advisory sessions

and how we can support your initiatives.

http://forr.com/1einFan

http://www.forrester.com/Analyst-Advisory/-/E-MPL172

http://www.forrester.com/Analyst-Advisory/-/E-MPL172

http://forr.com/1einFan





May 17, 2016



13


The Forrester Wave Methodology

We conduct primary research to develop a list of vendors that meet our criteria to be evaluated in this

market. From that initial pool of vendors, we then narrow our final list. We choose these vendors basedon: 1) product fit; 2) customer success; and 3) Forrester client demand. We eliminate vendors that have

limited customer references and products that don’t fit the scope of our evaluation.

After examining past research, user need assessments, and vendor and expert interviews, we develop

the initial evaluation criteria. To evaluate the vendors and their products against our set of criteria,

we gather details of product qualifications through a combination of lab evaluations, questionnaires,

demos, and/or discussions with client references. We send evaluations to the vendors for their review,

and we adjust the evaluations to provide the most accurate view of vendor offerings and strategies.

We set default weightings to reflect our analysis of the needs of large user companies — and/or

other scenarios as outlined in the Forrester Wave evaluation — and then score the vendors basedon a clearly defined scale. We intend these default weightings to serve only as a starting point and

encourage readers to adapt the weightings to fit their individual needs through the Excel-based tool.

The final scores generate the graphical depiction of the market based on current offering, strategy, and

market presence. Forrester intends to update vendor evaluations regularly as product capabilities and

vendor strategies evolve. For more information on the methodology that every Forrester Wave follows,

go to https://www.forrester.com/marketing/policies/forrester-wave-methodology.html.

Integrity Policy

We conduct all our research, including Forrester Wave evaluations, in accordance with our Integrity

Policy. For more information, go to https://www.forrester.com/marketing/policies/integrity-policy.html.

Endnotes1 The responsibility and the budget for identity and access management (IAM) often reside with a number of different

business and technology management teams. Historically, the easy business justification for IAM investment came from

its impact on administrative operational efficiency — for example, help desk agents spend less time resetting passwords,

and automated access recertification campaigns save managers and application owners time. To learn more, see the

“Brief: Reframe The Business Case For Identity And Access Management In Security Terms” Forrester report.

According to the Verizon 2016 Data Breach Investigations Report, 63% of confirmed data breaches in 2015 involved

weak, default, or stolen passwords. There were 10,489 total incidents classified as insider and privilege misuse,

which Verizon defines as any unapproved or malicious use of organizational resources. Source: “2016 Data BreachInvestigations Report,” Verizon (http://www.verizonenterprise.com/verizon-insights-lab/dbir/).

2 Psychological and neurological research offer critical insights into where high performance and creativity come from,

how they make an impact on customer experience and profit, and how organizations are destroying performance

without knowing it. For more information, see the “Workforce Enablement Defined: Elevate Productivity And

Engagement” Forrester report.











May 17, 2016



14


Employees that drive your digital business require access to an increasingly wide range of apps to maximize their

productivity. When employees have to wait days to gain access to selected apps, productivity and employee satisfaction

suffers. To learn more, see the “Use Identity Management To Streamline Employee Onboarding” Forrester report.

3 In Forrester’s 17-criteria evaluation of B2E cloud identity and access management (IAM) vendors, we identified thenine most significant SaaS providers in the category — Bitium, Centrify, IBM, Microsoft, Okta, OneLogin, Ping Identity,

SailPoint, and Salesforce — and researched, analyzed, and scored them. For more information, see the “The Forrester

Wave™: B2E Cloud IAM, Q2 2015” Forrester report.









We work with business and technology leaders to develop

customer-obsessed strategies that drive growth.

PRODUCTS AND SERVICES

› Core research and tools

› Data and analytics

› Peer collaboration

› Analyst engagement

› Consulting

› Events

Forrester Research (Nasdaq: FORR) is one of the most influential research and advisory firms in the world. We work with

business and technology leaders to develop customer-obsessed strategies that drive growth. Through proprietary

research, data, custom consulting, exclusive executive peer groups, and events, the Forrester experience is about a

singular and powerful purpose: to challenge the thinking of our clients to help them lead change in their organizations.

For more information, visit forrester.com.

CLIENT SUPPORT

For information on hard-copy or electronic reprints, please contact Client Support at

+1 866-367-7378, +1 617-613-5730, or [email protected]. We offer quantity

discounts and special pricing for academic and nonprofit institutions.

Forrester’s research and insights are tailored to your role andcritical business initiatives.

ROLES WE SERVE

Marketing & StrategyProfessionals

CMO

B2B Marketing

B2C Marketing

Customer Experience

Customer Insights

eBusiness & ChannelStrategy

Technology ManagementProfessionals

CIO

Application Development& Delivery

Enterprise Architecture

Infrastructure & Operations

› Security & Risk

Sourcing & VendorManagement

Technology IndustryProfessionals

Analyst Relations

116325