For all of us consuming technology, we know that SaaS (Software as a Service) application are here to stay. Be it the New York Times on your iPad with your morning coffee or your stock trading account to watching movies on Netflix. All these are now associated with SaaS based apps that are now consumed from multiple devices. Thus creating a “saas full of applications” to manage and maintain.
For a typical enterprise, it is now getting very common to use a plethora of these SaaS apps for Customer Relationship Management (SalesForce.com), Human Capital Management and Human Resource Information System (Workday),Expense accounting (Concur), Web based presentation(WebEx) and many others.
Most of these application walked into the enterprise, sponsored by a business user as an easy way of streamlining processes and getting work done without getting corporate IT involved. However at some point internal IT was commissioned to take over management of user accounts and customization if any. Now for IT, the big headache was to manage access to these systems. It was challenged to do this without using their central user database of LDAP which usually is Active Directory. As each of the SaaS apps maintained its own proprietary access management control thus an employee user account was created across all the different SaaS apps that were getting used.
To add to this real world problem of Single Sign On (SSO), most companies, for regulatory compliance purpose, need to maintain an user management system in place that can be audited and verified. These accounts should be available only to approved users and access should be removed when that approval is rescinded due to termination or change in job profile.
With this we have seen a revolution in Identity Management (IdM) with explosion of SaaS application in the enterprise space. Identity Management is defined as the management of individual identities, their authentication, authorization, roles, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.
For a more detailed information on Identity Access Management refer to IAM
Identity Management and Identity Access Management are interchangeably used and are now becoming an explosive market. As per IDC and Forrester, the IAM market will be anything between $5.1 billion to $12.3 billion by the year 2014. This has resulted a rush of players trying to get a piece of the action some which are known players and are getting through acquisitions. Between IBM,CA,Oracle and Symantec(Verisign) have approxmately 50% of the market. Rest of it is pretty fragmented and there is a great article addressing this at Fragmented IAM market. There is also very strong products from the open source world specially for OpenID which has now been supported by Facebook, Yahoo, Google and many other online and social media sites.
We will obviously see some consolidation in this market and also update in technology as we see more data consumed through mobile devices. As the complexity of SaaS applications grows, we will have more automation to manage users and user accounts with advanced level of workflow. The cesspool of application in the SaaS world will get clearer !