What’s Changed: 2019 Gartner Magic Quadrant for Identity Governance and Administration (IGA)
Technology research giant Gartner, Inc. recently released the 2019 Gartner Magic Quadrant for Identity Governance and Administration (IGA). You can download it here. Gartner researchers define identity governance and administration as “tools designed to manage digital identity and entitlements (access rights) across multiple systems and applications.” In other words, Gartner defines IGA as solutions that get the right people the right permissions at the right time for the right reasons.
In terms of capabilities, the 2019 Gartner Magic Quadrant for Identity Governance and Administration cites identity life cycle, entitlement management, policy and role management, and identity analytics. Perhaps the most critical capabilities include lifecycle management and entitlement management; the former involves managing identities for people and programs from creation to eventual deletion. Meanwhile, the latter helps administrators maintain the link between identities and entitlements, helping to establish who has access to what.
Context for the Gartner Magic Quadrant Report
According to the 2019 Gartner Magic Quadrant for Identity Governance and Administration, the IGA market is mature after six years of existence. Now, IGA solution providers focus on delivering in-demand cloud solutions and fulfilling different business requirements; also, Gartner notes that many IGA vendors focus on midsize to global enterprises. Indeed, IGA clients largely rely on their solution providers for successful deployment as only a well-staffed IAM team can deploy it on their own.
Additionally, Gartner’s researchers share their predictions for the Identity Governance and Administration market. First, they predict the importance of cleanup analytics in future ROIs by 2022. Second, researchers say over half of IGA solution providers will offer “predictive and recommendation engines leveraged by machine learning.” Currently, less than 15 percent of vendors offer these capabilities.
The 2019 Gartner Magic Quadrant for Identity Governance and Administration warns enterprises against using the vendors’ positions in the graph as the sole tool for determining a shortlist. In fact, IGA vendors often provide a general set of IGA capabilities that may suit individual use cases.
Researchers comment that IGA forms a foundational piece of enterprise identity management strategies; it answers essential questions about who possesses what permissions in your network. Smaller enterprises can use IGA to replace informal solutions and improve efficiencies. Simultaneously, large enterprises may adopt IGA technologies early on but fail to innovate to new versions.
The 2019 Gartner Magic Quadrant for Identity Governance and Administration is the seventh iteration of the report. According to researchers, IGA began when user administration and provisioning (UAP) merged with identity and access governance solutions.
In this Magic Quadrant report, Gartner evaluates the strengths and weaknesses of eleven providers it considers most significant in the marketplace and provides readers with a graph (the eponymous Magic Quadrant) plotting the vendors based on their ability to execute and their completeness of vision. The graph is divided into four quadrants: Niche Players, Challengers, Visionaries, and Leaders. At Solutions Review, we read the report, available here, and pulled out the key takeaways.
Movements in the 2019 Gartner Magic Quadrant for Identity Governance and Administration
In the 2019 Gartner Magic Quadrant for Identity Governance and Administration, Gartner did not add any vendors to their report. Instead, it dropped four vendors—Alert Enterprise, Core Security, Dell Technologies (RSA), and Microsoft. However, Gartner notes that all of the dropped vendors actually met the technical requirements of the report; Gartner changed the inclusion criteria for revenue for this report, which excluded these vendors. Additionally, Gartner includes a comprehensive list of Honorable Mentions, who fulfilled a significant majority of technical inclusion criteria.
For this report, Gartner did not name any vendors to the Visionaries Quadrant. Gartner defines Visionaries can provide IGA requirements to their clients but not on the scale as Leaders; they receive recognition for their innovative approach to IGA and may focus on specific industries. Possibly, this relates to Gartner’s comments on Identity Governance as a mature marketplace; previously, only Dell Technologies (RSA) received the title of Visionaries in 2018.
Meanwhile, Atos (Evidian), Broadcom (CA Technologies), and SAP all received the label of Niche Players in 2019. SAP and Atos both appeared in that quadrant in 2018, although Atos rose significantly in its Ability to Execute as did SAP. Interestingly, Gartner cites Broadcom’s acquisition of CA Technologies in 2018 and its subsequent business decisions as impacting its ranking in the Quadrant; in 2018 CA Technologies was named a Leader in the IGA report.
In the Challengers Quadrant, we find Hitachi ID Systems, Micro Focus, and Oracle. Micro Focus moved up in its Ability to Execute thanks to its flexibility and policy management features. Hitachi similarly moved up thanks to its strong lifecycle management and CIAM performance. Both were in the same Quadrant last year.
However, here too we see considerable movement; Oracle was in the Leaders Quadrant in 2018 and instead placed as a Challenger in 2019. Gartner acknowledges it fulfills its IGA requirements’ instead it cites an unclear strategy and some internal reorganization as its reasons for moving it to the new Quadrant.
Of course, this leads to the five Leaders in the 2019 Gartner Magic Quadrant for Identity Governance and Administration: Saviynt, SailPoint, IBM, Omada, and One Identity. Of these, One Identity, Saviynt, SailPoint, and IBM appeared in the Leader Quadrant in the previous report.
Saviynt rose considerably in its Ability to Execute due to its SaaS delivery and identity analytics. IBM earns its position, which stayed relatively steady, with its cloud-based solutions and hybrid deployment options. One Identity’s Leadership provides deep integration with complicated applications and integrated unstructured data access governance in its solution; however, it did sink somewhat since last year. Simultaneously, SailPoint rose dramatically in the Quadrant; Gartner praises it for its above-average identity analytics, IGA innovations, and a recent cloud-hosted service release.
Interestingly, Omada crossed from the Challenger Quadrant to the Leaders Quadrant in 2019. In particular, Gartner singled out Omada’s go-to-market strategy improvements and its identity analytics capabilities as Leaders’ worthy.

Latest Jobs
-
- Penetration Tester, UK based. Ability to achieve SC clearance
- United Kingdom
- 55000
-
Experienced Penetration tester- UK based with the ability to achieve SC clearance. On-going training and development and paid certifications / renewals. Interested to hear from all areas of penetration testing, web app, infrastructure, mobile, etc. MUST have current hands on experience delivering penetration testing. Ideally from a consultancy background with experience working with multiple clients. OSCP / CREST / CHECK / Tigerscheme penetration testing experience / certifications desirable. Apply today for more details. All information kept in the strictest of confidence.
-
- Senior Data Privacy Specialist, London. CIPT
- London
- 60000
-
REF CH7875 £60,000 Senior Data Privacy Specialist, London. CIPT Senior Data Privacy Specialist needed to help advise client on project and programmes relating to Data Privacy and compliance. UK based role. Ideally looking for someone that has a strong appreciation of technology and Data Privacy that can work with clients to develop or enhance their strategies, policies, processes and techniques to manage cybersecurity risks while enabling business driven data. Certified Information Privacy Technologists (CIPT), Certified Information Privacy Professional/Europe CIPP/E experience and or certification highly desirable. Specific experience within the healthcare industry is of particular interest. All details kept in confidence Apply today for more information
-
- Cyber Security lead Managing Consultant, Healthcare
- London
- 120000
-
REF CH7874 £120,000 Cyber Security lead Managing Consultant, Healthcare, Public Sector. UK Cyber Security lead Managing Consultant with a specialisation in healthcare needed. The Cyber Security lead Managing Consultant will identify, engage with, consult and deliver key and critical cyber focused programmes and projects into healthcare clients. To be a success in the role you will be able to identify and engage with clients building pipelines of new business opportunities. A key part of your role will be to engage with new and existing clients to win new business opportunities- this role is revenue generating. Consulting experience around digital cyber transformations, Governance, Risk & Compliance, Critical National Infrastructure programmes, Managed Detection and Response etc are key. NIST, ISO27001, etc Team management, , identifying Cyber Risk, UK based, Permanent position. The ability to achieve UK security clearance is a perquisite. All details held in confidence. Apply today for more information.
-
- CONTRACT outside IR35 - SENIOR Security Analyst level 3.
- United Kingdom
- competitive day rates
-
REF CH7873 CONTRACT 3 month rolling outside ir35 SENIOR Security Analyst level 3. London ideally- but flexible SOC SIEM experience essential. Broad cyber hands on experience should include Threat hunting, Detection, Phishing, Malware etc Scope of engagement · Managing / running BAU tasks (Organising and assigning workloads to the Tier 2 analysts) · Working with the various security tools (Creating documentation to support the use of these tools) · Support Incident Management activities (Work with the incident managers when an incident is identified) · Support Incident Response activities (Recommendations and support remediation activities without completing these activities) · Be technical point of contact to the wider business on security related issues (SME within the team on security related issues) · Train the SOC Analysts (Continuity of service - knowledge transfer to the T2 analysts ) · Working with the Security Engineers on: (Use Case Development Identifying scenarios and developing the use case for the engineering team to deploy Identifying rules and alerts triggered to be fine-tuned by the engineering team) · Recommendations for dashboard creation (Working with the engineering team to identify potential dashboards to create) · Creating, maintaining and uplifting documentation (Playbooks, Process Documentation) · Drive improvement across the estate (Support Vulnerability Management activities and provide enrichment where possible) Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) Looking to interview immediately. Arrange a call https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-role- Chris.Holt@dclsearch.com