As business units bypass IT and adopt clouds on their own, identity management becomes more complex and more critical, prompting recent product announcements that hone in on providing greater visibility and control.
SailPoint Technologies on Monday announced SailPoint AccessIQ, which integrates cloud access management with identity governance and automated provisioning. AccessIQ provides cloud-based single sign-on and self-service access to help companies manage corporate compliance and risk in a hybrid environment. And cloud identity provider Symplified recently announced a partnership with systems integrator Qubera Solutions, in which it will design identity and access management services for premises-based, cloud and mobile applications.
Personal clouds are a growing trend, says Ian Glazer, research VP, Identity and Privacy, at Gartner. In addition to SailPoint and Symplified, the identity management market has more than 150 vendors, Glazer said, including Oracle, IBM, CA, Courion and Aveksa.
"Knowledge workers use their own tools that they feel are best-suited for the ways in which they work--corporate IT may or may not be aware of those apps," he says. "When intellectual property, customer data and other sensitive information start flows to those apps, then IT needs awareness, at the least, and control at the most."
A recent Gartner survey found that 35% of all application spend will originate outside IT by 2015, and that 50% of companies will have mission-critical data in the cloud by 2016.
Identity management products address the question of "who has access to what," says Glazer, adding that that it's "the most fundamental question within information risk and protection. Knowing who is using which applications and the privileges that people have within those applications is crucial. Being able to govern that level of privilege is mandatory."
Compliance and security fall on software-as-a-service providers, but managing user access falls to the enterprise, says Jackie Gilbert, VP and general manager of SailPoint's Cloud Business Unit.
"What makes this complex is each business unit has to manage its own population ... when it comes time to setting up who has access to [the application] and who can do what, [the business units] can't do it themselves and can't rely on Salesforce.com. That's an area where issues arise," especially if an employee leaves the company and is not officially removed, she says.
Identity management is a way for IT to apply enterprise governance, while still empowering business users with the convenience they want with single sign-on to use the services IT provides, says Gilbert. AccessIQ offers "guard rails" to keep IT involved so companies aren't exposed to security and compliance risks, she explains.
SailPoint will be available in the third quarter, and pricing will be based on a per-user, per-month subscription, says Gilbert.