Top 17 Identity and Access Management platforms
Identity Management, Single Sign-On and 2-factor authentication solutions allow to simplify and secure access to cloud, mobile and on-premises applications to employees and customers while increasing IT control and visibility.
Socure, a company that uses AI and machine learning to verify identities, has raised $450 million. Socure’s identity resolution engine uses predictive analytics to parse over 8 billion records, providing a multi-dimensional picture of a consumer’s identity for fraud detection purposes, even for hard-to-identify populations, including those who are Gen Z, credit-invisible or new to the country. Socure’s customer base includes 12 of the top 15 banks and a roster of fintech companies, online gaming providers and crypto exchanges — Voyager, Public, Stash and DraftKings, to name a few.
2021. Customer due diligence platform First AML gets $21M
New Zealand-based end-to-end due diligence platform First AML has raised $21 million. One of the main ways First AML is different from other digital ID authentication startups (like Jumio, Onfido or ForgeRock, to name a few) is that instead of individual end users, it focuses on complex entities and transactions, which may mean performing due diligence on multiple organizations and people at a time. Unlike many other authentication and KYC (know your customer) startups, its main clients aren’t banks. Its clients include other types of financial service providers, accountants, law firms and real estate agencies.
More consolidation is afoot in the world of cybersecurity, specifically around services to help organizations manage identity and access. Today, One Identity — which provides tools for managing “zero trust” access to systems, as well as running log management and other governance services for enterprises — announced that it has acquired OneLogin, a rival to companies like Okta, Ping and others in the area of secure sign-on services for end users. OneLogin has some 5,500 customers, including the likes of Airbus, Stitch Fix, the AAA and Pandora.
2021. Microsoft acquires access management startup CloudKnox
Microsoft has acquired identity and access management (IAM) startup CloudKnox Security. CloudKnox helps organizations enforce least-privilege principles to reduce risk and help prevent security breaches. The company’s activity-based authorization service will equip Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. In addition to Azure Active Directory, the company also plans to integrate CloudKnox with its other cloud security services, including 365 Defender, Azure Defender and Azure Sentinel. Microsoft also recently acquired IoT security startups CyberX and Refirm Labs as it moved to beef up its security portfolio.
2021. Australian ID verification startup OCR Labs raises $15M
With the gig economy came the need for ID verification, thus startups like OnFido (raised $188.8 million) appeared, alongside several others. But this sector is by no means ‘done’ yet. Now, OCR Labs, which emerged from Australia, has announced a €12.5M. OCR Labs says its technology uses “five proprietary technologies in one solution, including identity document optical character recognition (OCR), document fraud assessment, liveness detection, video fraud assessment, and face matching”. This supports AML and KYC regulations. No one wants to spend hours trying to prove who they are, whether it’s for a job or for a bank account, and we also want to know we’re protected against identity theft and fraud. Digital ID verification has a key role to play, but this year we’ve also seen the limitations if hybrid models are used. People are a barrier and a risk, but fully automated technology can have a huge impact on many industries and privacy. OCR Labs is built to be secure, frictionless and fast, and capable of recognizing ID documents the world over.
2021. Aserto raises $5.1M to build authorization as a service
Aserto, a new startup that wants to build an authorization-as-a-service solution, announced a $5.1 million seed round. What the company is doing is creating a sophisticated service that does much of the work for developers, giving them fine-grained control over roles access control based on policies using what they call a “policy-as-code approach to authoring, editing, storing, versioning, building, deploying and managing authorization rules.” The solution is built using the CNCF Open Policy Agent (OPA) project.
2021. Jumio raises $150M for its all-in-one ID authentication platform
Jumio, which has built a platform that provides a variety of digital identity tools and technology — using biometrics, machine learning, computer vision, big data and more to run checks on ID documents, log-ins, to help prevent suspicious financial activity, identity theft and more — has closed a $150 million round of funding. Currently, Jumio’s primary business is B2B: It provides tools to enterprise customers like HSBC to manage digital identity verification. Some of the areas where it will be investing include expanding its AI capabilities to do more anti-money laundering work, and to look at building a B2C product, using the data, tools and network of customers that it has to help individuals better manage their identities online.
2021. Okta acquires cloud identity startup Auth0 for $6.5B
Okta is buying cloud identity startup Auth0 for $6.5 billion. It’s a substantial amount of money for one identity and access management (IAM) company to pay to buy another, similar entity. But the deal ultimately brings together two companies that come at identity from different sides of the market — and as such could be the beginning of a beautiful identity friendship. On a simple level, Okta delivers identity and access management (IAM) to companies who use the service to provide single-sign-on access for employees to a variety of cloud services — think Gmail, Salesforce, Slack and Workday. Meanwhile, Auth0 is a developer tool providing coders with easy API access to single-sign-on functionality. With just a couple of lines of code, the developer can deliver IAM tooling without having to build it themselves. Auth0 will operate as an independent unit inside of Okta as they look for paths to integration in the coming months.
2021. BeyondID grabs $9M to help clients implement cloud identity
2020. Cloud directory service JumpCloud raises $75M
JumpCloud, the cloud directory service, has raised a $75 million Series E. Changes in the way that IT works have been evolving since the company launched in 2013. Back then, most companies used Microsoft Active Directory in a Windows-centric environment. Since then, things have gotten more heterogeneous with multiple operating systems, web applications, the cloud and mobile, and that has required a different way of thinking about directory structures. JumpCloud provides independent cloud directory platform that would connect people to really whatever it is they need and do that in a secure way while giving IT complete control over that access.
2020. Okta adds new no-code workflows that use identity to trigger sales and marketing tasks
Identity management provider Okta announced new no-code workflows that provide a way to use identity as a trigger to launch a customer-centric workflow. The company has created a series of connectors to make it easier to connect identity to a workflow that includes sales and marketing tooling. Last year Okta introduced Platform Services, which pulled apart the various pieces of the platform and exposed them as individual services, which bigger-company customers could tap into as needed. He says that this is an extension of that idea, but instead of having to get engineering talent to write complex code to tie the Okta service into say Salesforce, you can simply drag the Salesforce connector to your workflow.
2020. Google finally fixed the worst thing about its Authenticator app
If you want to protect your data from hackers, you should definitely use two-factor authentication, and Google Authenticator is a simple, logical choice. And now, it finally got a feature that makes it easy to move its data from one phone to another. Google Authenticator is a mobile app to provides a secondary, ever-changing code you must use, along with your password, to get into your online accounts such as Facebook, Gmail and Twitter. Now, Google has updated the Authenticator with the ability to transfer all of its data to a new phone. The process is simple and it boils down to choosing an account and scanning a QR code on your old phone.
2020. ForgeRock nabs $93.5M for its ID management platform
ForgeRock, which has built a platform that is used to help make sure that those accessing services really are who they say are, and help organizations account for how their services are getting used, has raised $93.5 million in funding. It operates in an industry heavy with competition, with some of the others vying for pole position in the various aspects of identity management including Okta, LastPass, Duo Serurity and Ping Identity. But within that list it has amassed some impressive traction. In total it has 1,100 enterprise customers, who in turn collectively manage 2 billion identities through ForgeRock’s platform, with considerably more devices also authenticated and managed on top of that.
2020. Okta launches Lifecycle Management Workflows to make building identity-centric processes easy
Okta, the popular identity and access management service, has launched Lifecycle Management Workflows, a new tool that helps IT teams build and manage IFTTT-like automated processes with the help of an easy to use graphical interface. The new service is an extension of Okta’s existing automation tools. But the key here is that IT teams and developers can now easily build complex identity-centric workflows across a wide range of applications. With this, these teams can easily automate an onboarding process, where setting up a new Okta account also immediately kicks off processes on third-party services like Box, Salesforce, ServiceNow and Slack to set up accounts there.
2019. Identity management software Okta introduced end-user-security product
2019. Okta brought identity management to server level
Okta announced a new level of identity protection at the server level. The new tool, called Advanced Server Access, provides identity management for Windows and Linux Servers, whether they are in a data center or the cloud. The product supports major cloud infrastructure vendors like Amazon Web Services, Microsoft Azure and Google Cloud Platform, and gives IT the ability to protect access to servers, reduce the likelihood of identity theft and bring a level of automation to the server credential process. The tool is continuously monitoring user information to make sure nothing has changed such as another machine has taken over, avoiding man-in-the-middle attacks. It’s also making sure that there is no virus or malware, and that the person who is using the machine is who they say they are and has access at the level they are using it.
2019. Okta acquired workflow automation startup Azuqua
Okta is to acquire workflow automation startup Azuqua for $52.5 million. In a modern enterprise, people and work are constantly shifting and moving between applications and services and combining automation software with identity and access management could offer a seamless way to move between them. The combining of the two companies is intended to move smoothly between applications in a complex workflow without having to constantly present your credentials. S0 product teams will be able to embed this technology in their own applications alongside Okta’s core authentication and user management technology to build integrated customer experiences.
2018. Cisco is buying 2-factor authentication provider Duo Security
Cisco is to buy security firm Duo Security for $2.35 billion. The acquisition feels like a good fit for Cisco. Duo’s security apparatus lets employees use their own device for adaptive authentication. Instead of issuing key fobs with security codes, Duo’s solution works securely with any device. And within Cisco’s environment, the technology should feel like a natural fit for CTOs looking for secure two-factor authentication. Over the last few years, Cisco has made several key acquisitions: OpenDNS, Sourcefire, Cloudlock, and now Duo.
2018. Okta introduced new service - Sign in with Okta
Okta unveiled a new service "Sign in with Okta" that allows employees to sign into third party sites and apps just like they sign in their company applications with a single set of credentials. The new API allows developers to add a few lines code and give Okta customers the ability to sign into one another’s websites in a similar way that OAuth allows you to use your Google or Facebook credentials to sign onto consumer sites. When developers add this functionality, the user sees a “Sign in with Okta” button on the website or service they are accessing. They can then use their Okta login to get into these sites under whatever rules the site owner has defined.
2018. Okta partnered with ServiceNow
Okta and ServiceNow got together to build an app that helps ServiceNow customers using their security operations tools find security issues related to identity and take action immediately. Okta launched the Identity Cloud for Security Operations app today. It’s available in the ServiceNow app store and has been designed for customers who are using both toolsets. When a customer downloads and installs the app, it adds a layer of identity information inside the ServiceNow security operations interface, giving the operations team access to information about who specifically is involved with a security problem without having to exit their tool to find the information.
2017. Amazon enters single sign-on market
Amazon released a single sign on product for the AWS cloud. With AWS SSO you can easily manage SSO access and user permissions to all of your accounts in AWS Organizations centrally. That’s very different from what other single sign on products like Okta or OneLogin are doing. These companies provide a much more comprehensive approach to single sign on, giving you a central way to log into all of your cloud services (and in some cases on-prem too). This saves you the pain of having separate user names and passwords for every account. You log in once and you have access to all of the included cloud services.
2017. Okta launches free service for startups
Online identity management provider Okta, which counts corporate clients like Nordstrom and government clients like the U.S. Department of Justice, said that it’s now going to let startups use its services for free. Young organizations with up to 25 employees will be able to use Okta Identity Cloud without charge for one year. CEO Todd McKinnon hopes that they’ll become corporate clients as their business grows and they’re satisfied with the secure sign-on services. There are a lot of companies in the secure sign-in space. When asked about startups like Duo or SailPoint, which recently went public, McKinnon said “they have one part of what we offer” and “we have a broad suite.” He believes Okta’s real competitors are the incumbents like IBM, Oracle, Salesforce and Computer Associates.
2017. Duo Security raised $70 million
Duo Security announced $70 million Series D funding at a valuation of $1.17 billion. The Michigan-based SaaS company works with more than 10,000 companies. The company’s main product is a two-factor authentication app but Duo also offers other security products to secure users and their devices. Duo’s solution is cloud-based, which means there's no software to install, and no server to set up. The new investment will help accelerate the company’s technical innovations and operations as well as securing new partnerships.
2017. Google acquired enterprise-class Single Sign-On provider Bitium
Google has acquired Bitium, a company that focused on offering enterprise-grade identity management and access tools, such as single-sign on, for cloud-based applications. This will basically help Google better manage enterprise cloud customer implementation across an organization, including doing things like setting security levels and access policies for applications working across their Cloud and G Suite offerings. The goal of Bitium is to simplify the process of administrating and using popular cloud-based applications so that users aren’t tempted to enter the nefarious realm of “shadow IT,” where they fall back to their own personal accounts across these services because the enterprise alternative is sub-standard or difficult to access.
2017. SAP acquired customer identity management provider Gigya
SAP announced an acquisition of Gigya, a firm that helps online properties manage customer identities and profiles. Gigya today manages some 1.3 billion customer identities across hundreds of sites, existing business that it will bring under SAP’s umbrella. The idea will be to integrate those features into SAP’s wider e-commerce operation to expand the kinds of services it offers to existing customers, and to help sell more e-commerce services to Gigya’s base. Unlike alternatives Gigya originally had its start as a “social” log-in platform in which it helped online properties manage customer profiles as linked with their profiles on sites like Facebook. But a few years ago, the company started to widen out its view of the purpose of identity management and how it can be used for a wider set of customer management features for e-commerce and other sites.
2017. Identity management startup ForgeRock raised $88 million
Enterprise identity startup ForgeRock announced an $88 million Series D investment round. Unlike alternatives ForgeRock allows to authenticate not only users, but also machines and sensors attempting to access your systems. CEO Mike Ellis sees his company’s approach to identity as a natural extension of what’s happening the industry. “The relationships between humans, devices, things and services is driving security,” he says. It’s something the company has been building towards from the earliest days, a platform than can scale to deal with identity from a variety of sources beyond just human users. “We believe you have to exist everywhere — at the device and gateway level like a connected car, but also on prem and in cloud,” he said.
2017. Okta makes 2-factor authentication standard for all customers
Cloud identity provider Okta announced that it’s making 2FA the standard for all its customers. Research suggests that a large number of breaches are related to stolen or weak passwords. Okta recognizes that, so it’s implementing 2FA as a standard, presenting every user with a one-time passcode to add another layer of protection that will be harder for hackers to surface. What’s more, the company also sees the password reuse problem so it’s adding a compromised password detection tool, which can find commonly-used passwords from large, publicly-known data breaches and warn users if they are using them. It’s certainly a big step forward, and while 2FA isn’t a panacea, it’s still better than just a username and password because it’s adding that additional layer of protection.
2017. OneLogin brings some smarts to multi-factor authentication
Multi-factor authentication service OneLogin rolled out a new version of its mobile app that uses machine learning to determine your typical usage patterns and only asks you for a second factor when it determines that it’s absolutely necessary. Most MFA algorithms are rather rigid. If you’re on the network at work, you get asked for a password. If you’re not, you get asked for a second factor, but he says, it should be much more subtle than that, understanding how users access the network. The latest version of OneLogin OTP is designed to fix that. If you log in regularly from your home on the same laptop, after several times the system will learn that this is a common location and device, and you will be allowed onto the network without a second factor.
2016. OneLogin acquires Sphere Secure Workspace to gain mobile management
Cloud identity management provider OneLogin has acquired Sphere Secure Workspace to add mobile device management to their identity-driven security model. Sphere provides a container approach to mobile security where your work content is separated from your personal content inside a virtual container on a single device. This is not a new approach by any means, but it gives OneLogin entree into the light-weight mobile device management space. With Sphere, the company simply blows away the container when an employee leaves a company or loses a device, and the person’s other content remains intact. It gives the employee access to work content in a more secure way with a single log-in, while protecting the personal content.
2016. Enterprise identity management leader Okta expands partnership with Box
Cloud identity management and mobility management provider Okta announced a partnership with Box to support device-level security for the Box mobile app. Okta and Box have a long history together but this expands the friendship. The new solution will allow to apply a set of policies on the device, such as requiring a device PIN before you can use any of the managed apps. Okta’s EMM solution also includes integrated identity across participating apps with Single Sign-On (SSO) along with unified provisioning across all devices, according to the company.