Midsize Enterprises Are Opportunities for Identity Management Vendors

Smart card authentication methods stand out as the least deployed of all the identity management technologies and have the most potential for growth in the next 12 months

The volume of accounts and complexity of access control have created a $2.4 billion market for products and services providing authentication, single sign-on, user directories, self-service portals and access provisioning. The market for identity management is crowded with point and multipoint solutions and is sorely lacking in end-to-end solutions for heterogeneous networks, according to the Yankee Group report, Identity Management Market Still Fragmented. Only four vendors--IBM, Microsoft, Sun and Computer Associates--come close to an effective solution.

"The disappointing absence of an elegant identity management solution is a mirror of the disparate access control mechanisms in use today," says Phebe Waterfield, Security Solutions & Services analyst. "Standards such as SAML and XACML are maturing slowly, however, the Yankee Group predicts true end-to-end identity management systems that link users to network access and enforce consistent access control policies all the way to the source of information: The applications and platforms will appear by 2005."

Regulations are now putting pressure on enterprises to verify and demonstrate to auditors the efficacy of their identity management processes. These regulations include HIPAA, the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act.

The most common business drivers behind identity management initiatives are:

-- Reduce technical support overheads

-- Grant and revoke access to employees and partners efficiently

-- Authorize access appropriately and have persistent visibility into who has access to systems and information