KuppingerCole Report
By Martin Kuppinger

Making IAM agile and working to the business

IAM is changing. It is no longer about workforce IAM anymore, but about managing all types of digital identities, across a wide variety of use cases. Digital identities are at the core of digital business. Thus, modern IAM must be agile to cater to the ever-changing demand of the business, and serve every type of identities from consumers to devices, things, and services. This requires rethinking traditional approaches, having a holistic approach for IAM, a strong IAM organization, and modern customization and deployment approaches such as GitOps.

Commissioned by iC Consult

1 Executive Summary

The role of IAM has changed fundamentally over the past decade. IAM today is way more than an administrative tool and a solution for enforcing Access Governance. Digital identities are at the core of the digital business. Consumers, customers, the devices and things they are using, business partners, but also services: The IAM focus of today goes well beyond employees and even beyond humans.A lack of ability in managing digital identities and their access, i.e., a lack in having a modern IAM in place, will hinder the digital business. Modern IAM and the ability to handle digital identities is essential for success not only in the initial Digital Transformation, but for continuous improvement of the Digital Business.

IAM thus must become agile and cover way more capabilities than ever before. And it must be ready when the business demand arises, not becoming a hindrance in the evolution of the Digital Business. This requires different, innovative approaches to IAM, including the way IAM is adapted to new demands. On the other hand, being an essential foundation for Digital Business, IAM must be reliable and stable. This involves approaches for adaptation and extension of IAM for delivering new capabilities to the demand.

Modern as-a-service deployment models and the growing number and maturity of standards help in reducing complexity and increasing agility. However, there is more required: A plan, an architecture, and an efficient approach for delivering new capabilities, integrations, and custom capabilities. IAM agility is based on the ability to serve new requirements fast and efficient within a defined framework. IAM agility is based on six pillars:

  • Organization

  • Model

  • Plan

  • TOM (Target Operating Model)

  • Extension & Customization

  • Integration

The areas of TOM and the ability of flexible extension and customization converge into the rather new concept of GitOps. Git emerged as a term for a software for distributed version control, which emerged into code management platforms. DevOps, as an established concept, combines development and operations by delivering software to operations in a continuous process. GitOps extends this concept by utilizing the concept of infrastructure as code (IaC), where the configuration of infrastructures is done as part of the code. Thus, within such model, not only customizations are provided, but as part of the GitOps approach, the configuration of the runtime environment is also managed in code. GitOps is an essential model for efficient operations of an agile IAM that is able to quickly serve new business demands. Service Layers is one of the still very few solutions, aside of pure IDaaS solutions, that consequently implement the GitOps paradigm for efficient IAM delivery and operations.

2 Highlights

  • The need for a modern IAM: IAM becoming a business enabler, beyond just being an administration, security and governance tool

  • The need for s ...

Login Get full Access

3 Changing business demand: IAM becoming a business enabler

IAM is a business enabler. Digital identities are at the core of every digital service, and digital business relies on digital identities. Thus, the ...

With the need for organizations to be way more agile than in ancient times, for continuous innovation, highly volatile partnerships, and direct intera ...

Login Get full Access

4 The challenge: Delivering new services now, without IAM sprawling

With the need for delivering a way broader set of IAM capabilities than ever before, and the need to cater to new business demands to IAM in an agil ...

Login Get full Access

5 The solution: Modern architectures, legacy IAM integration, services

Modern architectures, target operating models, and deployment models are the foundation for a successful IAM delivery. However, this requires an ade ...

Defining such a model is an essential task for being able to deliver to the business demand on time. Such model allows for adding new capabilities, an ...

Login Get full Access

6 Service Layers: Delivering modern IAM as a service, built for GitOps

Service Layers delivers a modern IAM framework, utilizing existing IAM solutions, that build on the GitOps paradigm and thus overcomes the challenge ...

The target of this approach, based on the GitOps paradigm, is to deliver self-managed software components as part of both the standard deployment of S ...

Login Get full Access

7 Recommendations: 8 areas to cover for a truly agile IAM

Making IAM agile and ready to serve the demand of today's digital businesses requires to think beyond the traditional approach on IAM, in both scope ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.