Identification safety groups face the ceaselessly conflicting objectives of stability, agility and improved safety. Identification leaders face a fancy world in flux, with enterprise methods regularly altering, identity-driven threats growing, compliance rules changing into extra rigorous and AI-driven apps creating new id safety challenges.
Groups managing workforce id have accrued a wide range of expertise instruments to do their jobs. This proliferation poses challenges — and alter is within the air.
In my Omdia research, “Identification Safety at a Crossroads: Balancing Stability, Agility and Safety,” I delved into the market dynamics of workforce id safety to grasp and quantify the main ache factors for leaders managing id safety.
Identification safety is a broad area, and the analysis touched on subjects, together with id governance and administration (IGA), id verification, id menace detection and response (ITDR), and nonhuman identities (NHIs), with a deal with AI brokers.
Whereas the research revealed many issues, right here I will deal with the portfolio of workforce id safety instruments used at present and the way groups can tackle instrument sprawl and construct efficient id safety methods to fulfill their organizations’ wants.
Workforce id safety instrument proliferation
Identification and entry administration (IAM) has traditionally been a comparatively fragmented cybersecurity sector. Identification groups should handle many discrete actions, together with entry administration — authentication, authorization, role-based entry management with performance corresponding to single sign-on, id supplier companies and MFA — for customers; privileged entry administration (PAM) for key customers; IGA; password administration; NHI safety; id safety posture administration (ISPM); ITDR; and extra. This record does not even contact the id stack wanted for buyer IAM.
The variety of workforce id safety duties has contributed to a wide range of instruments within the id safety crew’s toolbox. Apart from the number of completely different id features, the variety of instruments has elevated resulting from a mixture of increasing cybersecurity threats, regulatory pressures, digital transformation, distant and hybrid work, and the complexity of managing identities throughout a fancy surroundings that features on-premises, multi-cloud and SaaS environments.
My analysis discovered that id groups use a median of 11 instruments for workforce id safety. This consists of industrial, open supply and homegrown instruments. Identification safety groups additionally must combine and orchestrate a lot of applied sciences to interoperate between a bunch of various consoles to get their jobs achieved.
The origins of instrument proliferation
I wished to dig deeper into this research than the intestine emotions I typically hear about instrument sprawl — I wished to assemble information and be taught in regards to the origin of id instrument proliferation.
My analysis requested a follow-up query to respondents who mentioned they use greater than 4 id instruments to grasp the the explanation why they accrued their instrument portfolios. The highest three responses to this multiselect query had been:
- Cloud adoption requiring further instruments (52%).
- Cyber insurance coverage necessities (51%).
- Separate instruments wanted for various (on-premises, cloud, SaaS) environments (48%).
Further instruments for the cloud infrastructure adoption is smart when you think about that every IaaS participant provides native performance to assist with entry administration. For instance, in case you are in AWS and Azure and utilizing native instruments particular to every supplier, you find yourself with two cloud infrastructure entitlement administration instruments.
That cyber insurance coverage necessities response was a little bit of a shock, but it surely is smart. Verizon’s “2025 Information Breach Investigations Report” discovered credential abuse is the commonest preliminary entry vector, with 31% of breaches involving using stolen credentials. Cyber insurers acknowledge that id instruments are a key consider mitigating the chance of a breach. A corporation’s means to acquire insurance coverage, get the bottom charge and renew protection improves by adopting key controls corresponding to MFA and PAM.
Accumulating separate instruments throughout completely different environments happens for a lot of causes, from enterprise unit autonomy to needing instruments with completely different performance for every surroundings. For instance, organizations would possibly deploy Microsoft AD on-premises and use Okta or Azure AD for cloud apps. Or they could deploy one IGA instrument for a handful of core purposes, corresponding to Oracle, SAP and Workday, which might be integral to operations, and a further IGA instrument to cowl cloud apps.
There are a lot of different causes organizations have greater than 4 id safety instruments. For instance, buyer contractual obligations, compliance necessities, instruments accrued by means of M&A exercise and decentralized buying, together with completely different groups independently buying completely different instruments.
I do not assume any id chief needs quite a lot of workforce id safety instruments. A big portfolio of instruments may end up in operational complexity, id silos and inconsistent insurance policies, and may improve the chance of gaps leading to errors, unaddressed points and safety dangers.
The prevailing instrument stock has advanced to get jobs achieved. Consolidating or rationalizing instruments requires a product that solves duties as nicely or higher than the prevailing hodgepodge of instruments. Identification safety platforms are an amazing idea, however they must ship outcomes.
In at present’s world, id leaders can seldom embrace a platform method. I spoke with an id chief at RSAC Convention who made the purpose that he had accrued many instruments and want to consolidate them, however no matter got here subsequent had to offer best-in-class performance.
One shocking perception from the analysis is that enterprises sometimes have a number of instruments masking the identical features. For instance, whereas 38% have a single instrument for password administration, 45% use a number of instruments. And 36% have a single PAM product, but 44% have a number of PAM instruments. Having a number of instruments is the norm moderately than the exception. This leaves room for enchancment — distributors can develop merchandise that cowl a number of use instances, for instance, a cloud-focused vendor masking on-premises use instances or vice versa.
The trail ahead
Each group’s id safety surroundings is exclusive, however there are some widespread themes to think about as you determine assist develop enterprise, handle entry and enhance the corporate’s id safety profile.
- Stock current instruments. Audit the portfolio of instruments in use at present, together with current instrument options, scope and person populations. Assess any overlaps, gaps and sources of complexity. This lays the groundwork to cut back danger and enhance effectivity.
- Perceive what you have already got and use it. Have a deal with on the capabilities of current id safety instruments and use them to the utmost diploma. You might need been preoccupied with a piece disaster and never observed some new performance that’s now accessible from an current instrument. Distributors enhance what they provide over time, and additions to base performance would possibly allow you to cowl new use instances with out the expense of a brand new instrument.
- Align capabilities with enterprise and safety wants. There is no such thing as a one-size-fits-all instrument for id safety. Your enterprise dynamics and danger tolerance are distinctive. Platforms are promising, however they don’t seem to be nirvana. You must steadiness the advantages of consolidating instruments with particular use instances which may not be met by larger instrument distributors or platforms. For instance, rising enterprise initiatives round agentic AI would possibly require new tooling to fulfill particular AI agent id safety wants.
Innovation and the way forward for id safety
In terms of the platform versus best-of-breed concern, there’s an ebb and a stream. Platform gamers lend themselves to fixing extra established issues and may present a compelling danger ROI when it comes to danger discount and effectivity. Nonetheless, id safety continues to see disruptors displace older applied sciences and best-of-breed merchandise that clear up particular issues with extra agility than broader platforms.
Established id safety gamers — corresponding to BeyondTrust, CyberArk, Delinea, IBM, Microsoft, Okta, One Identification, Ping, SailPoint, Saviynt and Thales — proceed to broaden their expertise footprints with converged platforms. Rising innovators throughout a variety of various areas are among the many instruments which have come onto the id safety tackle ache factors and fill gaps. Such distributors embody P0 Safety and Veza, which provide converged platforms together with IGA and entry management; ConductorOne, Fabrix.ai, Lumos and Oleria, which have an IGA focus; Cerby, Grip Safety and Zluri, which provide SaaS app discovery, safety and integration with IGA; GetReal Safety, Nametag and Actuality Defender with deepfake detection instruments; Axonius with ITDR and IGA; Apono, Sonrai Safety and Xage Safety with PAM; and Breez Safety, Permiso Safety and Verosint, which provide ISPM and ITDR.
Past this, a lot of id safety gamers are crafting instruments to determine, govern and safe AI brokers.
My Omdia analysis had many intriguing findings — the above information factors are just some. Keep tuned for upcoming articles with extra outcomes.
These are thrilling instances for id safety. If you’re a brand new expertise participant fixing an attention-grabbing new id downside or an progressive method to an current problem, I want to hear about it. You possibly can attain me through LinkedIn.
Todd Thiemann is a principal analyst masking id entry administration and information safety for Omdia. He has greater than 20 years of expertise in cybersecurity advertising and technique.
Omdia is a division of Informa TechTarget. Its analysts have enterprise relationships with expertise distributors.
![The Most Searched Issues on Google [2025]](https://blog.aimactgrow.com/wp-content/uploads/2025/06/most-searched-keywords-google-sm-120x86.png)
