Those who have been associated with Identity & Access Management domain for more than a decade would recall Access 360, Netigrity, Waveset & BMC’s Control-SA as the first generation Identity & Access Management solutions. Onboarding and off-boarding users perhaps the biggest use these IAM solutions, later on to be supplemented by managing access on the Web. It could take more than two to three years to have your basic provisioning system going with 4-5 applications
The second generation began with the giants like IBM, CA, & Oracle mostly acquiring smaller companies first time after Identity Management suites that would cost around half million dollars with three times more money sunk in deployment services. They offered more solutions to more use-cases in provisioning & web access management. A set of System Integrators (SI) emerged to help customers implement those solutions in “Time & Material” (T&M) mode. The more project over ran, the more money was made by them. Rare SIs like ILANTUS brought the concepts of Fixed Fee implementations and “Connector Factory” to help customers implement these solutions faster and more economically.
The need for security compliance revolving around “Governance” issues, basically triggered by SOX and other regulatory compliance needs gave the birth to Access Governance in the third generation of IAM solutions. Aveksa and shortly after, SailPoint brought in Access Governance technologies that focused on governance than administration.
The fourth generation of IAM has begun now. Rechristened as Identity Governance & Administration (IGA), this generation is bringing in “IDaaS” (Identity as a Service) a cloud based approach to traditional IAM. While most of the fourth generation IAM vendors offer basic, low value commodity solutions like Single sign on, a few like ILANTUS are offering complete set of IAM solution services that relatively inexpensive and quick to adapt.