Monday, December 19, 2011

Gartner 2011 Magic Quadrant for IAG: Tight Competition in a Maturing Industry

Gartner has just released its first ever Magic Quadrant for Identity and Access Governance (IAG), and SailPoint appears to have emerged as a narrow victor. Unlike the Forrester Wave for IAG published earlier this year, which showed SailPoint and Aveksa leading the competition by a mile, Gartner has 4 of the 7 evaluated offerings in the top quadrant, with CA on the borderline.

Admittedly, I'm more familiar with SailPoint IdentityIQ and Oracle Identity Analytics than any of the other products featured here. Both are extremely mature, versatile offerings that are simple to deploy and provide a full range of access governance capabilities, including role analytics, detective/preventative policy enforcement and certification/remediation. From a pure governance perspective, there isn't much to choose between them.

SailPoint's acquisition of BMC's identity management offering and their incorporation of BMC's provisioning engine into IdentityIQ means that they are no longer a pure play IAG vendor, and can compete on equal terms in the IAM space with the likes of IBM, Oracle, CA and Microsoft. In recent months, SailPoint has also been adding provisioning capabilities to their extensive range of native governance connectors, which ship with the product. Of course, OIA also offers provisioning capabilities, but only when integrated with OIM or another supported provisioning product.

As I've noted before, the maturation of identity management is driving a trend away from bottom-up identity administration tools, towards more holistic, governance-based solutions. Visionaries such as SailPoint have long anticipated this evolution and are ideally positioned to take advantage of it as organizations become more sophisticated in how they approach identity governance.

The decision by both Forrester and Gartner to begin publishing IAG market analytics in 2011 acknowledges the increasing maturity of IAG. The explosive growth being experienced by Aveksa and SailPoint offers further validation, if any were needed, of this trend.

The question is, what does this mean for identity management practitioners?

Well, as one might expect, there is good news and bad news. The bad news is that it is no longer sufficient to be a technical whizz who can develop advanced customizations, custom connectors and sophisticated workflows in their product of choice. As IAM/IAG offerings become easier to deploy, offer richer, more business-friendly functionality, and adopt a less I.T.-centric approach, I expect the demand for advanced technical customizations to diminish. The good news is that the increasing maturity of these offerings will allow identity management professionals to spend less time focusing on arcane technical integrations and more time devising robust, governance-centric solutions for customers.

I'm not saying that the market for identity administration tools will go away. Of course it won't; there will always be a demand for automated provisioning. But identity administration is becoming more commoditized, and over time I expect it to be increasingly viewed as just one component of a more holistic IAG framework. Just because the tools are becoming more sophisticated doesn't mean that the operational challenges that create a need for streamlined identity administration are going away.

The real implication is that IAM/IAG solutions are evolving from mere I.T. tools into corporate governance suites, which in turn suggests that the target audience for such offerings is increasingly likely to be a CTO, CISO or CIO than the Manager of Enterprise Applications. For identity management professionals, this means that the ability to articulate business value to a non-technical audience, deliver policy-driven solutions and demonstrate a sophisticated awareness of the regulatory landscape will become just as important as the ability to create a kick-ass workflow. Individuals with that balance of soft and hard skills are difficult to find, and will therefore remain in extremely high demand.

Which, in my opinion, is exactly how it should be.


  1. enjoyed reading it. I need to read more on this topic...I admiring time and effort you put in your blog.
    sailpoint training

  2. we are offering best sailpoint online training with job support and high quality training facilities and well expert faculty .
    to Register you free demo please visit
    sailpoint training in hyderabad

  3. I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in SAIL POINT, kindly contact us
    MaxMunus Offer World Class Virtual Instructor led training on SAIL POINT. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
    For Demo Contact us:
    Name : Arunkumar U
    Email :
    Skype id: training_maxmunus
    Contact No.-+91-9738507310
    Company Website –

  4. excellent piece of information, I had come to know about your website from my friend kishore, pune,i have read atleast 8 posts of yours by now, and let me tell you, your site gives the best and the most interesting information. This is just the kind of information that i had been looking for, i'm already your rss reader now and i would regularly watch out for the new posts, once again hats off to you! Thanx a lot once again, Regards, , Sailpoint Online Training