KuppingerCole Report
Executive View
By Richard Hill

Simeio Identity Orchestrator

Simeio Identity Orchestrator (IO) is a solution that helps integrate and orchestrate other IAM solutions while also adding a series of own capabilities. Simeio IO allows customers to connect and direct their existing IAM infrastructure in a modern and more efficient way. Using Simeio IO, customers can converge existing IAM siloed solutions that Simeio can then operate as an MSP or IDaaS. Simeio IO offers improved application onboarding, IAM analytics, with a unified single pane of glass and mobile application.

1 Introduction

IAM (Identity & Access Management) today is at the core of enterprise IT infrastructures when it comes to protecting digital corporate assets. IAM, as the name states, is about managing identities and their access. This involves managing user accounts and their entitlements across various systems and applications in use throughout organizations.

Over the past several years, organizations have been facing multiple changes affecting their security posture. The perimeter that separated the internal network from the outer world does not have the same relevance before, with mobile users accessing internal systems, integrating business partners and customers into business processes, and shifting to cloud applications. On the other hand, the value and relevance of digital corporate assets and intellectual properties have increased. With the shift to connected things and smart manufacturing, digital assets are becoming "crown jewels" even for more traditional businesses such as mechanical engineering.

Protecting digital assets, the systems, and applications in an IT environment of growing complexity and a hybrid nature while facing ever-increasing attacks forces organizations to take action. Protecting against internal and external attackers requires a well-thought-out understanding of risks and countermeasures.

IAM is a core component in every security architecture. IAM "done right" ensures that identities, credentials and authenticators, and access entitlements are well-managed. IAM thus reduces the attack surface by helping organizations move towards the "least privilege" principle. IAM provides the tools to automate processes around managing users and access entitlements and regularly reviewing these and identifying, e.g., excessive entitlements.

On the other hand, IAM also plays a vital role in business enablement when it comes to the needs of employees, contractors, business partners, and customers to access specific applications, systems, and data. IAM is the tool for implementing the workflows and automated processes for onboarding users and granting them access. Again, if done right, IAM can help organizations by optimizing the onboarding and change processes, ensuring that entitlements are revoked and that accounts are deleted or deactivated once they are no longer required.

Under the umbrella of IAM, we can differentiate between the "core IAM" or -- as it is called frequently today -- IGA (Identity Governance and Administration), and the broader definition of IAM, which includes additional capabilities such as Privileged Access Management, Web Access Management, Identity Federation, and more. IGA, in fact, is an umbrella term for two of the core elements of IAM, which are Identity Provisioning and Access Governance. Identity Provisioning supports automating processes for creating and managing user accounts and their high-level entitlements across various systems and applications in use. At the same time, Access Governance adds the governance layer for analyzing entitlements, regular reviews, recertification, and efficient access request workflows. However, other capabilities such as Access Management are of equal relevance.

Over the past few years, we have seen a shift from traditional IAM deployments that run on-premises towards IDaaS. IDaaS is one of the fastest-growing market segments of IAM characterized by the cloud-based delivery of traditional IAM services. The market, primarily driven by web-centric use-cases in its early days, now offers full-fledged IAM capabilities irrespective of application delivery models. The IDaaS market has registered significant growth over the last few years, primarily driven by the need of organizations to achieve better time-to-value metrics over on-premises IAM deployments. IDaaS solutions offer cloud-ready integrations to extend an organization's IAM controls to meet the security requirements of their growing SaaS portfolio.

The IDaaS market has evolved over the past few years and is still growing, both in size and number of vendors. However, under the umbrella term IDaaS, we find a variety of offerings. IDaaS, in general, provides Identity & Access Management and Access Governance capabilities as services, ranging from Single Sign-On to full Identity Provisioning and Access Governance for both on-premise and cloud solutions. These solutions can also vary in their support for different users, such as employees, business partners, and customers; their support for mobile users; and their integration capabilities back to on-premise environments.

In this executive view, we discuss how Simeio's Identity Orchestrator can help create a unified IAM infrastructure by connecting and directing other IAM solutions across all areas, from Identity Lifecycle Management (ILM) to Access Management and Privileged Access Management (PAM), with a range of capabilities provided as part of the Simeio solution itself.

2 Product Description

Simeio is a US-based vendor in the IAM market, delivering their Simeio Identity Orchestrator as a solution that supports customers in orchestrating IA ...

Figure 1: The architecture of Simeio Identity Orchestrator (Source: Simeio)

Product Architecture

From a product architecture perspective, Simeio IO comes with integrations for both existing IAM solutions and applications, ba ...

Login Get full Access

3 Strengths and Challenges

Simeio IO follows a well-thought-out approach for adding a centralized layer on top of existing IAM solutions. This enables orchestration amongst mult ...

Login Get full Access

Copyright

©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.

top