Idaptive, The Home Run Machine
“Yesterday’s home runs don’t win today’s games.” – Babe Ruth.
Idaptive’s placement as one of the only two leaders in The Forrester Wave™: Identity-As-A-Service (IDaaS) For Enterprise, Q2 2019 report two weeks ago, less than six months after its launch as an independent security SaaS company, was an incredibly exciting and inspiring milestone. It made me introspect on our journey over the last few months after our spin-out from Centrify and truly ruminate over what market, or what “game” we’re competing in today and how this “game” will evolve tomorrow. And more importantly, as Idaptive continues to win in this market, what will constitute a “home run” in this game in the years to come.
The game is Zero Trust, and this is the Zero Trust World Series….
That thought truly put things in perspective.
The Idaptive platform’s promise is to deliver Next-Gen Access using a Zero Trust approach. The Zero Trust approach is based on the principle of “Never Trust, Always Verify”, and incorporates fine-grained contextual attributes to govern and enforce access to an application, data, network, and other critical assets that the user needs at the time. In essence, a system that implements a Zero Trust approach needs to be able to enforce strict multi-factor authentication and fine-grained authorization by continuously collecting and analyzing broad contextual information from all sources, such as attributes of the user, device, network, location, time and risk to let the user in. In terms of core capabilities, this translates into an integrated, API-first cloud service that delivers Single Sign-On (and Access Management), Identity Lifecycle Management, Mobile and Endpoint Management and Machine Learning driven User Behavior Analytics in one single consolidated platform.
Idaptive, the home run machine…
Idaptive is the only leader in the Forrester report that is rated the highest in precisely these capabilities – the capabilities that are absolutely necessary for truly implementing a Zero Trust approach. In other words, this report calls out several home runs Idaptive scored that demonstrate the company's superior Zero Trust offering.
Home Run #1: Access Management and Identity Management Policy & Administration
Idaptive scored the highest in its ability to author and manage fine-grained identity and access management policies for end users — a core requirement of a Zero Trust platform. The platform scored the highest in part due to its comprehensive role-based access control and contextual attribute-based access control framework. Additionally, the sheer array of fine-grained policies related to authentication and authorization for all types of apps, from all types of devices and for all types of users available in the Idaptive platform was instrumental in helping Idaptive showcase its stronger Zero Trust capabilities.
Home Run #2: Mobile IDaaS Functionality
The second area that Idaptive scored the highest in is Mobile IDaaS functionality. Most Zero Trust Identity platforms, including other leaders in the IDaaS report, claim to be able to leverage device context for access through “third party integrations”. But none of them, except Idaptive, can truly provide an integrated, built-in deep device context, without which Zero Trust remains a pipe-dream. The Idaptive platform’s ability to leverage all types of contextual information and apply that information to access, especially deep mobile and device context achieved through its endpoint and mobility management platform, clearly stood out as a genuine advantage and a real differentiator in the report.
Home Run #3: Support for Connected On-prem Apps (VPN-less access to on-prem Apps)
Idaptive is the only leader in this report that has enabled fine grained access control and Single Sign-On to on-prem apps, without a VPN or integration with a third-party proxy for the past few years now. Requiring end users to be granted access rights to the entire network through a VPN, regardless of the fact that they only need to access one app, violates the Zero Trust principle.
Let’s be honest – supporting SSO for cloud apps is easy and has become commoditized largely due to the adoption of standards like SAML, OIDC, and others. But in a multi-cloud, hybrid organization, a platform cannot truly claim to be “Zero Trust” if it cannot protect all types of applications, especially those on-prem in the company’s data center.
Home Run #4: API Security and Solution APIs
Idaptive’s engineering organization, since its inception, has incorporated the API-first mantra in its design paradigm, with every capability in the platform starting with an API. Any Zero Trust platform loses the “platform” bragging right if it cannot let its services be consumed by other applications, workloads, devices for authentication and authorization. And when it comes to API security and solution APIs, Idaptive has once again scored a home run in this report.
Home Run #5: Reporting and Data Analytics
The final, and probably one of the most impactful home-runs for Idaptive in this report is the clear validation of our vastly superior analytics capabilities. Idaptive is the only leader that has its own integrated User Behavior Analytics sub-system that delivers comprehensive descriptive and predictive analytics to our customers – complete with a library of built-in reports and dashboards, a flexible widget-based dashboard designer, an incident exploration and investigation, and incident response orchestration and automation designer, third-party threat data ingestion, and finally, a threat modelling engine that allows the building of custom threat and risk models.
Just Getting Started
All this said, I firmly believe that we, at Idaptive, are only just getting started in this game of Zero Trust. And the prospect of building on an incredible foundation we already have and innovating, while continuing to deliver on the promise of Zero Trust to our customers in the years to come, is a truly exciting and inspiring endeavor.