Smaller organizations are more likely to use software-as-a-service (SaaS) cloud deployment solutions, which can be more cost-effective than on-premises solutions

Identity Governance and Administration (IGA) tools manage digital identity and access rights across multiple systems. To enhance control over user access, these tools collect and correlate the disparate identity and access-rights data distributed throughout the IT landscape.

This aggregated data serves as the basis for core IGA functions, including identity lifecycle and entitlements management, access requests, workflow orchestration, access certification, fulfillment via automated connectors and service tickets, reporting and analytics. IGA also provides a number of ancillary functions, including role and policy management and auditing.

Following are the five key access management growth factors over the next five years:

GDPR deadline fast approaching
Finance, banking, insurance, government, utilities and other heavily regulated end-user sectors have traditionally focused on identity- and access management solutions. However, manufacturing and retail sectors have become more security conscious over the past year.

An increase in the number of data breaches, and looming legislation around General Data Protection Regulation (GDPR) in May 2018, have also piqued renewed interest in security and identity and access management (IAM) solutions.

Smaller organizations using identity governance and administration solutions
Identity governance and administration solutions have traditionally been deployed by larger organizations. In fact, companies with 5,000 or more employees are projected to contribute the largest revenue growth over the next five years, increasing from $2.4 billion in 2017 to $3.1 billion in 2021.

The proportional importance of this segment is forecast to decline from 75 percent of total access management revenue in 2017 to around 54 percent in 2021.

Small and medium-sized enterprises (SMEs) will steadily increase the amount of IGA solutions they deploy. For example, revenue from companies with between 1 and 499 employees is projected to increase from $106 million in 2017 to $439 million in 2021. This segment managed to grow from 3.3 percent of total revenue in 2017 to 7.6 percent in 2021.

The introduction of more cloud solutions within the IGA market will particularly help SMEs, because cloud-based access management solutions can be more cost effective and scalable for small and medium enterprises.

On-premises hybrid and cloud solutions
As there are a lot of applications running on premises at companies, a significant portion of larger organizations still want some on-premises solutions. Larger organizations are more apt to move to a hybrid model, with some applications running in the cloud as a stepping stone toward full adoption of cloud solutions.

Hybrid solutions are projected to increase from $714 million in 2017 to $1 billion in 2021. In contrast, smaller organizations are more likely to deploy SaaS solutions, which can be more cost-effective than on-premises solutions.

Asia Pacific embracing IGA solutions
Compared to their counterparts in North America and Europe, organizations in the Asia Pacific region have traditionally been more conservative and risk adverse when it comes to utilizing identity governance tasks. More than two-thirds of small and medium enterprises are still practicing traditional spreadsheet-based manual provision tasks.

However, this state of affairs is changing, as more IGA vendors enter the Asia Pacific region to grab growth opportunities created from newly introduced access risks. APAC organizations now have more affordable IGA options, which provide access to localized IGA skills.

Blockchain makes security cheaper and more accessible
Many organizations have isolated and centralized identity management systems, but the current market landscape demands federation and single sign-on (SSO). These systems make identity management, protection and verification very cumbersome, costly and risky for industry enterprises and government agencies. Blockchain has the potential to introduce improvements that can make security more accessible and budget friendly.

With smart contract capabilities, there can even be a secondary market where users benefit from sharing resources back to the network. Smart contracts automatically execute pieces of code carrying valuable data or perform other condition-based executions.

A permissioned blockchain technology provides core capabilities that enable a trusted digital identity network to build and operate the following:

* A shared, append-only ledger, with one version of the facts shared in real time, across all permissioned network participants.
* Smart contracts that ensure verifiable and signed business logic is executed in each transaction.
* Trust between known participants, to verify transactions and ensure records are valid.
* Privacy and security measures that grant access only to permissioned parties.

-- Don Tait, senior analyst, cyber and digital security, IHS Markit, USA.