KuppingerCole Report
Executive View
By Richard Hill

Kapstone Autonomous IGA

Due to the quickly changing landscape of IT environments, including hybrid IT infrastructure, the complexity of compliance requirements, siloed identity management, and the need to shorten application onboarding time, IGA solutions adapt through identity and access intelligence, automation, and flexibility. Kapstone addresses these challenges with its Autonomous IGA solution.

1 Introduction

Identity Governance and Administration (IGA) often refers to the integrated Identity Lifecycle Management and Access Governance markets. Where Identity Lifecycle Management focuses on tasks related to administering access fulfillment and entitlements throughout an identity lifecycle, Access Governance provides the necessary tools for businesses to manage workflows and access entitlements, run reports, access certification campaigns, and SOD checks. IGA products also support the consolidation of identity information across multiple repositories and systems of record such as HR and ERP systems in an organization’s IT environment. The identity information, including user accounts, associated access entitlements, and other identity attributes, are collected from across the connected target systems for correlation and management of individual identities, user groups, and roles through a centralized administration console.

Access intelligence is the analytics layer over Identity Lifecycle Management and Access Governance that offers business-related insights to support effective decision making and enhance governance. Both Identity Lifecycle Management and Access Governance intelligence are becoming a sought-after capability for organizations requiring better visibility of identity administration and access entitlements across its IT infrastructure. Governance should move beyond simple reporting and dashboarding to offer more advanced capabilities that include machine learning techniques enabling pattern recognition to deliver valuable intelligence for process optimization, role design, automated reviews, and anomaly detection. The use of identity and access intelligence is one of the key differentiators between IGA vendors in the market today.

Automation of everyday IGA tasks has always been a priority for organizations to reduce the inaccuracy and administrative inefficiency encountered by manual completion of IGA tasks, making IGA operations leaner and achieve lower TCO. Most IGA tools provide support for automated provisioning and fulfillment, starting the basic automation of IGA requirements. Some organizations have more advanced requirements for automation, such as automated access reviews and event-driven access certifications. While some vendors have started to support these capabilities, IAM leaders should ensure the right mix of manual and automated IGA processes to ensure the effectiveness of processes is continuously monitored against defined key performance indicators (KPIs).

Depending on the size of an organization, the number of IT applications, systems, and other endpoints can range from a few to hundreds of target resources to onboard and provision. IGA tools should also be capable of handling legacy and modern target systems across many IT environments, such as on-premises, the cloud, multi-cloud, or even within a Docker container running in Kubernetes somewhere. The challenge is for the IGA solution to remain flexible and scalable enough to provide the IGA capabilities based on the customer's needs, whether the organization is big or small, or the IT environment is complex or straightforward.

To address enterprise these types of IGA requirements and challenges, Kapstone provides an Autonomous IGA solution that is modular, intelligent, and autonomous to make IGA simple and easy to use. Kapstone, founded in 2014 with offices in the US, Canada, and India, comes with over 25 years of IAM experience. Its technology partner ecosystem includes some leaders in the industry and continues to grow. Key customers of Kapstone are in the Insurance, Government, Energy, Finance, and Transportation industries.

2 Product Description

Back in 2016, Kapstone released its Access Review product with Day Zero Application Onboarding and Attestation and introduced Kapstone's Provisioning ...

Kapstone’s Provisioning Gateway module facilitates rapid application onboarding by connecting to the different applications using the SCIM standard ...

IGA Governance Visibility

Kapstone Autonomous IGA provides a modern and user-friendly UI that is easy to visualize the state of governance under its ...

Login Get full Access

3 Strengths and Challenges

Kapstone IGA has three guiding principles - be autonomous wherever possible, use intelligence to enhance governance, and add flexibility through a mod ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.