KuppingerCole Report
Executive View
By Paul Fisher

Saviynt Cloud PAM

Saviynt Cloud PAM is a privileged access management solution engineered to work primarily as a service and sits as part of the Saviynt Enterprise Identity Cloud platform. It is a modern and competitive PAM package that performs most of the essential components of a PAM solution with a zero-footprint deployment model. It should be of interest to a wide number of organizations.
By Paul Fisher

1 Introduction

PAM platforms are critical access and security controls that address the risks associated with the use of privileged access in organizations and companies. It is recognized that most successful cyber-attacks involve the misuse of privileged accounts. And misuse is enabled by poor management of privileged access using old or inadequate PAM software (or even none!), out of date policies and rusty security processes. The recent rise in ransomware has given organizations another reason to consider PAM as many of these attacks target privileged accounts as a gateway into wider enterprise networks.

The dangerous activities that PAM must control include abuse of shared credentials, misuse of elevated privileges by unauthorized users, theft of privileged credentials by cyber-criminals and abuse of privileges on third-party systems.

While PAM platforms have been around for around 20 years, the demands of digital transformation and wholesale structural changes to IT architecture have intensified interest in Privileged Access Management software and applications -- across all market sectors. While many assets remain on-premises or in private data centres, many organizations are also using the cloud for infrastructure, storage and SaaS applications. PAM must keep up with these developments.

KuppingerCole research shows that the PAM market is responding and growing because of these challenges and is in a vigorous period of growth and innovation. Part of this is flexibility in purchasing options with growth in subscription models and SaaS options, although licensing and maintenance deals still dominate the sector. KuppingerCole believes that as PAM moves to a dynamic operating model to deal with dynamic IT architectures, SaaS and flexible purchasing options will become more popular with customers not wishing to be tied into technology that does not evolve fast enough for their changing demands.

A typical IT estate will include applications, on-premises architecture, data centres, Microservices, orchestration platforms and multi-cloud infrastructures. Somehow, organizations need to manage PAM all through this new digital landscape. KuppingerCole considers there will be demand among organizations of all sizes to outsource some or all of the deployment and operation of PAM to Managed Service Providers (MSP). In addition, more PAM vendors will offer full PAMaaS run from the cloud on behalf of their clients - this will require new commitments of trust between client and provider, not least in protecting data privacy and honouring Service Level Agreements (SLA).

Legacy PAM solutions scan IT environments at regular intervals, but progressively these intervals can't keep pace with the rate at which, for example, cloud resources and microservices auto-scale, leaving them periodically at risk. Managing the security of PAM consistently and uniformly applying governance is now much more complicated.

All of which means that many businesses will be less inclined to manage PAM themselves and drawn to the ease of use, deployment and auto updates that PAMaaS offers. This trend will not be restricted to smaller businesses, or those without large in-house technical teams -- although this is an obvious target market - but also to larger corporations that possess hugely complex IT estates where PAM plays a critical role in protecting specific high-value operations.

While many public clouds come with some form of PAM application and security commitments in SLAs, these differ across proprietary Cloud Service Providers (CSP) making it hard to maintain consistent security access management in multi-cloud, multi-provider environments. What is desirable is a dedicated PAM solution that handles all modes of identity across multiple clouds and hybrid IT infrastructures. The good news is that organizations have never had more choice in PAM tools and deployment options to match their IT environments, processes, and supply chains. In this Executive View we consider the PAMaaS option vended to the market by Saviynt.

2 Product Description

Saviynt is a US based company founded in 2009 that specializes in Identity and Access Governance. It has taken its learnings in Identity Management to ...

Saviynt Cloud PAM is a lean code platform that results in zero on-premises footprint which should accelerate deployment and automate maintenance and u ...

Login Get full Access

3 Strengths and Challenges

Building on their experience gained in IAM and IGA solutions, Saviynt has produced a competitive PAM package that benefits fully from its cloud native ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.