Identity Management Solutions
These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. Read more about the Top Rated criteria.
Identity Management Solutions TrustMap
TrustMaps are two-dimensional charts that compare products based on trScore and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.
Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta…
WatchGuard AuthPoint is a multi-factor authentication (MFA) service that helps companies keep their assets, information, and user identities secure. Multi-factor authentication solutions can enable organizations to close security gaps that leave companies vulnerable to breaches by…
LastPass, a GoTo (formerly LogMeIn) company, is a password management application to simplify access to enterprise applications for users but also increase centrality and ease of management of access for administrators with task automation, convenient and secure password sharing,…
Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and…
Cyberark Workforce Identity (formerly Idaptive Next-Gen Access Services, acquired by CyberArk in 2020) secures enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. Cyberark Workforce Identity helps protect against…
The SAP Customer Data Cloud, based on Gigya (acquired by SAP in 2017) is a product suite that allows users to identify consumers, business customers, or partners across devices and channels to drive registrations and engagement; manage access, permission, and consent; and transform…
OneLogin is the eponymous identity and access management (IAM) product from the company in San Francisco featuring single sign-on (SSO), multi-factor authentication, provisioning, cloud directory, and more.
SecurID, a company and solution suite from RSA, is an identity and access management suite supporting access management, authentication, and identity governance.
Keeper secures passwords, documents and sensitive digital assets, and boasts millions of users. With Keeper, businesses can auto-generate high-strength passwords, protect sensitive files in an encrypted digital vault, securely share records with teams and integrate with SSO, LDAP…
IBM Cloud App ID helps developers who are not security experts to easily add authentication to their apps, and protect their APIs and app back-ends running on IBM Cloud. Developers can add a variety of login-in types: Email or username and passwordEnterpriseSocial App ID includes…
IBM Security Verify, formerly known as IBM Cloud Identity, is an identity-as-a-service (IDaaS) offering that aggregates dynamic user, device and environmental context to automate risk protection and continuously authenticate any user to any resource.
SolarWinds Access Rights Manager (ARM) is designed to assist IT and security admins to quickly and easily provision, deprovision, manage and audit user access rights to systems, data, and files. By analyzing user authorizations and access permission you get visualization of who has…
The SailPoint Identity Platform (IdentityIQ) provides enterprise-level cloud-based or installed identity and access management (IAM) software featuring single sign-on (SSO), password management, provisioning, role management, and identity intelligence for audit purposes.
Varonis offers their Data Security Platform, a modular suite of data acess and data security products providing sensitive data discovery, data access governance, unusual behavior detection, GDPR compliance support, as well as incident playbooks and cybersecurity forensic reporting.…
Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.…
The PingOne Cloud Platform from Ping Identity in Denver, Colorado is an identity management and access solution (IAM) for enterprises. Features of the products include single sign-on, multi-factor authentication, user management with directory, provisioning and deprovisioning. The…
Passly from ID Agent, a Kaseya company and the service that replaces the former AuthAnvil, is an identity and access management (IAM) platform providing two-factor authentication, single sign-on (SSO) and password management.
The vendor aims to deliver seamless workforce access while maintaining security. Avatier Identity Anywhere is a passwordless IGA solution that includes: user self service and HR driven lifecycle management universal workflow experience with push notificationservice catalog with…
ID.me is a digital identity network that aims to simplify the user's indication verification experience.
ManageEngine ADManager Plus simplifies enterprise-wide Windows Active Directory management and reporting.
Forefront Identity Manager is a Microsoft's legacy identity management solution. In 2016 Microsoft released Microsoft Identity Manager, an updated IAM solution. Support for Forefront Identity Manager ended October 2017.
What are Identity Management Solutions?
Identity and access management software manages information about the identity of software users and controls access to corporate resources. The overall goal of identity and access management software is to improve security and employee productivity. Identity management solutions should also lower costs while managing user identities and credentials.
Identity Management Solutions Features & Capabilities
- Access (authorization or restriction of access to certain information to certain persons across locations and systems)
- Single sign-on (SSO, describes the ability to login to the system once and only once, gaining access to all systems without the need for logging in again via help from a server)
- Multi-factor authentication (using multiple, independent components to gain access, a simple step to increase security)
- Password management and self-help for password users
- Identity federation, related to SSO, access spanning system boundaries (e.g. cloud access)
- Directory / User Repository Management for tracking of users with access
- Security Analytics for auditing and compliance
Challenges from Distributed Identity-Based Systems
The modern IT environment is highly complex with large numbers of users accessing a tangle of on-premise and cloud applications. This makes identity and access management especially difficult. Each application essentially has its own proprietary identity store. Consequently, there is no directory federation, which burdens users with having to remember multiple logins. It burdens IT administrators with having to manage multiple different tools, procedures, and policies to manage user identities.
The latest solution to managing distributed identity-based systems is Identity-as-a-Service (IDaaS). IDaaS is a cloud-based service offered by identity management vendors that outsources identity management to the vendor, especially in regards to access management for SaaS applications. In most cases, employees and other end users utilize Single Sign-On to access all of their business systems and applications. The vendor handles all of the identity management and authorization protocols on behalf of the business, saving the organization maintenance and overhead costs in the process.
Identity Centralization and Privileged Access Management
Identity management solutions make it much easier to manage provisioning while ensuring compliance. In other words, providing and revoking access to applications in accordance with policies. Identity and access management software also supplies self-service capabilities for end-users, so that they can get the application access they need with no delays. They can also be automatically de-provisioned on the day they leave.
Identity management solutions also enable businesses to utilize more granular privileged access management (PAM). Privileged access management ties users’ identities to specific privileges within different systems and applications. PAM capabilities limit the number of unnecessary access privileges that users have, minimizing the risk that comes with such excess privileges. Identity management software with PAM features, or standalone PAM products, also streamline privilege management for IT administrators, improving efficiency and security simultaneously.
Identity Management Solution Comparisons
There are some common factors to consider when comparing identity management solutions:
- Identity management suite vs. password management solution: Many identity management solutions started out as password management tools which then expanded into identity management. These products will likely excel at ease of use and integrations with popular 3rd party systems. In contrast, identity management suites with a legacy of identity management will likely be more robust for complex or large-scale identity management needs.
- User-focus vs. data security focus: same goals, but user-focus is more focused on making end-user’s identity management processes easier. In contrast, data security is more aligned with privileged access management, which prioritizes minimizing the attack surface of a business’s systems and data.
- SMB vs. Enterprise Users: Many identity management products skew towards either the SMB or the Enterprise markets. SMB-focused products will likely be easier to use with a greater focus on efficiency and self-service, while enterprise products will be more scalable and robust for IT administrators. Buyers can consider the distribution of reviews across SMB and enterprise reviews as a signpost of where a product may lie on this spectrum.
Identity Management software vendors usually price per month per user. Some vendors sell tiers of functionality with enterprise-level pricing which can be as much as $35 per user per month. Others provide unbundled pricing allowing customers to buy capabilities such as multi-factor authentication or API access management as individual capabilities for specific users.
The following identity management solutions offer award-winning customer relationships, feature sets, and value for price. Learn more about our Best Of Awards methodology here.