One Identity has acquired OneLogin, an IAM (identity and access management) provider, in a bid to offer its customers an end-to-end suite of security applications that offer identity correlation, secured access to critical assets, and real-time visibility into suspicious login activity.
One Identity, which is owned by Quest Software, has up to now providedPAM (privileged access management), IGA (identity governance and administration), and ADMS (active directory management and security) applications.
“Our strategic intent of acquiring OneLogin is to really be able to offer an end-to-end identity security portfolio to our customers through one platform rather than having a fragmented approach,” said Bhagwat Swaroop, president of One Identity.
OneLogin has billed itself as a budget option within IAM, offering tools to manage internal, partner, and customer identities.
“While we excel at PAM, IGA, and ADMS, OneLogin shines in IAM and has industry recognition for that," Swaroop said. "Apart from single sign-on and multi-factor authentication, it also has rich capabilities around customer IAM which would season One Identity’s extension into larger markets like banks which manage customer identity for their online banking portals.”
Headquartered in San Francisco, OneLogin was founded in 2009. Its customers include Airbus, British Red Cross, Dell, NASA and Mitsubishi Electric. The terms of the deal were not disclosed by either party.
Joining One Identity provides OneLogin with an opportunity to accelerate its growth by providing additional value for customers of both companies, said Brad Brooks, CEO of OneLogin, in a statement.
“With OneLogin’s robust unified platform for both workforce and CIAM [Consumer Identity and Access Management], combining forces with One Identity’s suite of products including their PAM solution, will allow new and existing customers, on a global scale, to tap into the market’s only unified identity security platform," Brooks said.
Cloud migration highlights need for IAM
IAM manages the access privileges of individual network entities (users and devices) to a variety of cloud and on-premises applications. As enterprises move more and more resources to the cloud, it becomes easy to lose track of potentially thousands of identities, and security increasingly relies on IAM to protect the network.
As a result, there is consolidation brewing in the market for security products, as vendors seek to bolster their IAM-related offerings. Earlier this year for example, Okta acquired Auth0, an identity-management platform for application teams, in a stock transaction valued at approximately US$6.5 billion.
On its part, One Identity claims to manage around 250 million identities for 5,000 organisations, whereas OneLogin boasts a little over 40 million identities for 5,500 customers.
“It’s a marriage of a principally on-premises Active Directory and emerging Azure AD leader with a cloud-first technology complement,” said Jay Bretzmann, program director for security products at IDC.
“The identity security market needs these combinations to move from a siloed on-premises approach to something that serves the needs of organisations transitioning to a new, modern solution that leverages past practices with cloud-first environments. No yank and replace required.”
One Identity and OneLogin products are complementary, emphasised Liz Miller, a vice president at Constellation Research.
Acquisition unifies complementary security suites
“This acquisition makes a lot of sense when you look across One Identity’s existing portfolio of identity solutions,” Miller said. “With a toolset that spans privileged access management and identity governance and administration, the inclusion of identity and access management rounds out the total visibility and identity posture of an enterprise looking to understand, from end-to-end, where access and credential vulnerabilities could exist.”
While consolidation of security tools is not all that is needed for enterprises to get a handle on an insecure identity environment, according to Miller, it is absolutely a step in the right direction for any organisation looking for a single pane of understanding where access, identity, and credentials are concerned.
The core objective of IAM systems is one digital identity per individual or device. Once the identity has been established, it must be maintained, modified and monitored throughout each user’s or device’s access lifecycle.
PAM is a suite of security solutions around privileged accounts that deals with storage, management, authentication, record, audit, and analysis of privileged access. IGA management controls identities and access for on-prem, hybrid, and cloud environments to satisfy audit and compliance initiatives. ADMS offers capabilities such as provisioning, group and roles management, password management, and governance.
One Identity is looking at a gradual integration of OneLogin’s various capabilities as it doesn’t want to compromise the latter’s core engineering and go-to-market strategies, company officials said. To that end, OneLogin is intended to operate as a separate business unit under One Identity for the next six to nine months. During this time, One Identity will work in the background to try and fuse the different aspects of OneLogin’s business into its existing unified platform.
Not much impact, according to Miller, is expected to reflect on the client experience due to the integration except for the mutual clients of the firms, who may see a better streamlining of the solutions and user experience post integration.
Access management (AM) tools have begun to add IGA capabilities to their portfolios, including identity life cycle management, access requests, approval workflows, fulfilment, and identity synchronisation across user directories. This convergence of PAM and AM (and, potentially, IGA) functionality adds new risk mitigation benefits by adding context attributes and signals for enriching AM adaptive access controls, according to Gartner.