According to CSO, “Identity and access management is a critical part of any enterprise security plan, as it is inextricably linked to the security and productivity of organizations in today’s digitally enabled economy.”
IAM technology covers the wide spectrum of identity authorization and user access protocols, including who can log in to your system, how much access they have, the governance of access, and managing user lifecycles.
While this may seem straightforward at first, consider the access parameters that are necessary in today’s complex digital landscape. Businesses are working in a mixed environment of onsite servers, private or public clouds, and SaaS applications, all of which need to be accessible via a frictionless user experience from onsite or remote locations, as well as from a user’s personal device.
Increasingly, businesses are turning to IAM providers to secure their mixed digital assets. The uptick in complexity and the growing prioritization of security both contribute to predictions that the IAM market is expected to grow 12 percent by 2023.
Avatier and RSA are two leading providers of IAM services that you may be considering for your IAM solution. To help you understand how the two platforms differ, let’s compare their features, infrastructure, reviews, and cost. For the sake of argument, we’ll only be looking at RSA’s IAM tools in this comparison. Here’s how the two platforms stack up.
Avatier vs. RSA: Features
Avatier is a singular platform that offers six key areas of IAM functionality.
Single Sign-On tools let businesses streamline user access, improve productivity, and reduce cost. Because access and security is a balancing act, 75 percent of businesses want “advanced authentication and security measures with little to no impact on the customer experience,” according to Experian’s 2018 Global Fraud and Identity Report.
Password Management tools provide enterprise password management while giving users the power to reset and manage passwords. This self-service functionality can result in significant cost savings, eliminating the 30 percent of help desk calls that are password-related. Password Management is enhanced with multi-factor authentication with biometrics, including facial recognition, voice identification, and fingerprint scanning.
Access Governance tools include compliance manager, certification snapshot, audit tools, and real-time governance risk assessment. Plus, Group Requester provides access management through rule-based management. Lifecycle Management tools provide automated provisioning, directory independence, and self-service access requests. Group Self-Service offers rule-based group management, self-service capacity, and redundancy blockers.
On the other hand, RSA’s IAM tools have long been focused on authentication and two-factor access. With RSA SecurID Access, businesses can access risk-based authentication, management controls, assurance levels, and multi-factor authentication available via tokens, mobile push, and other tools.
Through the acquisition of Aveksa in 2013, RSA was able to add identity governance and lifecycle to its IAM tools. This current offering provides user provisioning, self-service access, role management, policy automation, and more.
Avatier vs. RSA: Identity Framework
With an innovative approach to IAM, Avatier’s Identity Anywhere platform is the world’s first Identity-as-a-Container (IDaaC) platform. This framework applies to Avatier’s entire suite of tools, providing streamlined deployment across cloud and on-premise environments.
By using Docker containers technology, Avatier combines the best of the cloud-only tools used by IDaaS with traditional identity solutions for on-site environments. The result is a singular framework that’s scalable, efficient, flexible, and secure.
In addition to multiple deployment options, this technology brings several other advantages. When compared with traditional virtual machines from VMWare and Microsoft, containers run at a much higher density that’s 20 times greater. Additionally, container technology avoids the small differences in computing environments, letting you manage your IAM easily with orchestration scripts while avoiding the security and stability risks that these differences could imply.
In 2017, Avatier was named as an Innovation Leader by KuppingerCole Analysts. Because security threats are ever evolving, the release of the Identity Anywhere streamlined framework in 2018 is the latest way that your business can stay a step ahead of the threats.
For RSA, the company just added a cloud-based Authentication-as-a-Service in 2017. With RSA, you can deploy authentication in the cloud, onsite, or in a hybrid model. However, this approach doesn’t have the advantages of container technology.
Avatier vs. RSA: Reviews and Cost
RSA is the gorilla in the industry. It’s been around since the ’80s, and in 2003, it held a 70 percent share of the two-factor token market. However, in recent years, its market share has been slipping.
In the public financial data that’s available prior to the Dell merge in 2016, we see that revenues from RSA started to plateau around 2012. This could be due to the massive RSA security breach that occurred in 2011, when tens of millions of tokens were compromised. This event cost the company between $66 and $81.3 million and led to at least one business having a security breach, defense contractor Lockheed Martin.
Alternatively, RSA’s market plateau could be due to businesses looking to different IAM providers that offer modern security that’s nimble, easy to deploy, and costs less.
For example, on Gartner, Avatier has received a 4.3 rating while RSA has received a 3.4. In a categorical analysis, we see that Avatier scored 20+ percent better than RSA in ease of deployment, quality of technical support, timeliness of vendor response, and in the product capability categories for policy and role management, and password management.
One estimate put the total cost of ownership for RSA SecurID at $415,268 to deploy two-factor authentication for 1,000 users. About 30 percent of that 7-year estimate is in upfront purchase costs.
Avatier’s Identity Anywhere solutions are priced in a straightforward and scalable way that’s a monthly rate per user per product. In a hosted environment, Avatier’s monthly rates are $1.50 per user for Password Management, $2 per user for SSO, $3 per user for Access Governance, and $5 per user for Lifecycle.
Conclusion
In 2017, stolen and/or weak passwords were the cause of more than 80 percent of hacking-related breaches, making identity and access management a critical area of concern.
According to the 2018 Data Breach Investigations Report by Verizon, the top recommendations to manage ongoing threats include using your employees as your first line of defense, deploying two-factor authentication, and mitigating risk by limiting user access to what’s necessary.
In particular, limiting user access via automated provisioning can make a big impact. For example, one of the reasons that the Sony hack was so bad is that it used the access credentials of power users, such as system engineers or network administrators who had wide-reaching authentication permissions. The degree of impact could have been less if the user account(s) that were breached weren’t those of privileged users. By reducing the number of privileged users, you limit your total security vulnerability.
Avatier is a top-rated IAM provider that’s been recognized as an Innovation Leader. Offering the world’s first Identity-as-a-Container solution, Identity Anywhere is a tool that’s easy to deploy across cloud and onsite locations by using a framework that’s scalable, efficient, flexible, and secure.
While RSA is known primarily as a two-factor authentication provider, it’s expanded its IAM offerings to include identity governance and lifecycle space.
Cost estimates for RSA are typically high, with some use cases citing a $415,268 total cost of ownership for implementing two-factor authentication across 1,000 users over seven years. Avatier’s Identity Anywhere tools are priced per month per user, ranging from $1.50 per month to $5 per month for IAM tools of SSO, Lifecycle, Access Governance, and Password Management.Avatier provides an innovative approach to IAM security. Learn more about how Avatier could help your business.