Comparing Cloud Identity and Access Management (IAM) Solutions

The State of the IAM Market

With the huge shift to the cloud happening and the corresponding plethora of SaaS apps now invading enterprises, it is not surprising that the need for identity and access management solutions built for the cloud is rising in importance in the minds of IT buyers. This is because each newly deployed cloud-based app can become an island of identity unto itself. This in turn causes the problems of end users drowning in too many passwords (which also increases the odds of one being stolen), the inability for IT to quickly provision and de-provision users from the myriad of cloud apps (assuming IT even knows what SaaS apps are deployed), and heightens the need to layer on multi-factor authentication to further protect users if their passwords get compromised.

These growing problems are causing the market for cloud-based identity and access management (aka “Cloud IAM” aka “Identity and Access Management-as-a-Service” aka “IDaaS”) to be one of the fastest growing markets within all of security. In the recently published Gartner Magic Quadrant for IDaaS, it states that “the market size for multifunction IDaaS at year-end 2015 was just over $600 million … We estimate that 2016 revenue will be approximately $1 billion.” That means, per Gartner, that in the same 2015-2016 timeframe, IDaaS is growing 66% year over year.

Comparing Vendors: Centrify Takes a Platform Approach

I know a good bit about the IDaaS market as recently Centrify was named a leader by Gartner in the IDaaS Magic Quadrant (“MQ”). This is the third year in a row we have been included in the Gartner IDaaS MQ*, and we believe placement in the Leader’s quadrant validates our unique ability to secure access to apps and infrastructure from any device for all users.


After customers and partners hear about the MQ and our leadership position in it, I am then often asked, “So how do you stack up against competitors such as Okta, Microsoft Azure AD, etc. in this market?” I want to use the remainder of this blog post to give some of my thoughts on that question.

The first thing I want to point out is that we are not a “one-trick-pony” like other solutions because we actually do much more than SSO, MFA and provisioning for SaaS apps. That’s table stakes.

We in fact go beyond IDaaS, which really just addresses the needs of end users, by also addressing the identity needs for IT users and privileged accounts; which, to be blunt, are the proverbial keys-to-the-kingdom from an identity perspective. In other words, one must not ignore that the misuse of privileged credentials is involved in 80% of data breaches.

So we provide a much more holistic and far-reaching solution to address an enterprise’s identity problems. Centrify’s solution is built on a single platform, thus delivering better ROI than deploying a plethora of unintegrated point solutions from a variety of vendors. And, much like we are leader in IDaaS, we are also the only vendor who is a leader in Privileged Identity Management.


Next, I further point out that Centrify is also more than just cloud — we also support on-premises environments from both an application and infrastructure perspective. The other major IDaaS vendors are frankly just SaaS only, and the reality is that enterprises’ end users need to access apps in a hybrid environment of cloud and on-premises. So, these point solutions really can’t holistically address from a SSO, MFA, etc. perspective all the apps that users need access to. In effect, they give partial coverage from an app perspective, and they certainly don’t address the needs for securing access to operating systems — be it for end users’ Macs that require smart card support, users’ Windows laptops that need MFA or for the Windows and Linux servers that IT staff need to access.

Identity and Access Management Market Comparison Support

Customers and partners immediately understand and appreciate those differences. And, the points above are not debatable in terms of Centrify providing these types of capabilities and others not providing them. But, sometimes as a follow up questions I am asked, “Well what about the narrow use case of employee SSO to SaaS apps? How do you stack up?”

I then say, “I can certainly answer that question and wax poetic, but don’t trust me, let’s look at what the neutral parties have to say in this matter.”

Fortunately there are respected independent analysts and reviewers who are comparing solutions in this area. In fact just very recently Gartner published its 2016 Critical Capabilities for Identity and Access Management, Worldwide. In this report, Gartner evaluated critical capabilities of 18 identity and access management as a service vendors and three common use cases using 11 critical capabilities including:

  • SaaS Application Integration
  • Profile and Password Management
  • Authentication
  • Mobility Management

The key take away from our perspective is that Centrify received the highest service score in the “Workforce to SaaS” use case (Gartner defines the “Workforce to SaaS” use case as “…primarily driven by the need to extend basic IAM functions and serve employees accessing SaaS applications.”).   Here’s how the vendors scored in this use case:

Centrify vs Okta, Okta Alternatives, Centrify vs OneLogin, Centrify vs identity and access management solutions vendors, best iam solutions, cloud iam solutions

We’re very proud of this scoring, as it’s based solely on actual demonstration of product capabilities — all of which were built based on real customer need.

Another great third party comprehensive review of solutions in the Cloud IAM space was Network World’s review of SSO solutions. In addition to Centrify, the review evaluated seven other vendors including Okta and Microsoft, so it was a very comprehensive look at the market. In this review it also turns out that Centrify came out on top again, beating Okta and others, with Microsoft actually scoring last of all vendors reviewed.

So, in two major independent reviews of products in this category and use case, Centrify received the highest service score. But, of course most enterprises want and need to address additional identity use cases, including support for IT users and privileged accounts, as well as support for hybrid environments of both infrastructure and apps. As a result, I think Centrify is well positioned to address your cloud IAM needs and beyond.

Read more with these complimentary copies of: 

2016 Gartner Identity and Access Management as a Service Magic Quadrant, Worldwide

The Forrester Wave™: Privileged Identity Management, Q3 2016

Critical Capabilities for Identity and Access Management as a Service report

Network World Review

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.