Key Criteria for Evaluating Enterprise Password Management Solutionsv2.01

An Evaluation Guide for Technology Decision-Makers

Table of Contents

  1. Summary
  2. Enterprise Password Management Primer
  3. Report Methodology
  4. Decision Criteria Analysis
  5. Evaluation Metrics
  6. Key Criteria: Impact Analysis
  7. Analyst’s Take
  8. About Paul Stringfellow

1. Summary

Every organization’s employees are buried in username and password combinations. The sheer volume of passwords we must maintain for our jobs—not even adding in those for personal use—makes it nearly impossible to do so effectively, which in turn leads to poor practices such as reusing passwords, writing them down, or saving them in browsers.

Cybercriminals—who aim to gain access to key systems and sensitive data—are aware of these poor practices, making usernames, passwords, and system credentials highly valuable targets. In fact, compromised credentials remain the most common cause of data breaches with poor password practices being the root cause. Organizations must therefore address this challenge and harden the overall security of user credentials.

Enterprise password management can be an answer to that challenge. Password managers provide a vault that can securely hold users’ sensitive credentials. These solutions manage and automate a number of complex password processes, such as creating unique and complex passwords and automating credential completion, all of which helps reduce complexity and logon friction and improve user efficiency. By automating many of these processes, these solutions enable organizations to enforce more complex and stringent password controls, allowing them to increase password and credential security.

Password management is often the first step in addressing identity security within an organization. However, as the market evolves, customers are beginning to want more than password management. This demand is leading to vendors making password management part of a broader identity platform that can deliver other capabilities, such as single sign-on (SSO), identity lifecycle management, and even passwordless access.

This is the second year that GigaOm has reported on enterprise password management, and the need for effective password practices and credential security to combat cybercriminals has only continued to grow. This year’s report builds on our previous analysis, reflecting the evolution of the market and the impact those changes have on IT decision-making.

The GigaOm Key Criteria and Radar reports provide an overview of the enterprise password management market, identify capabilities (table stakes, key criteria, and emerging technology) and evaluation metrics for selecting a enterprise password management solution, and detail vendors and products that excel. These reports will give prospective buyers an overview of the top vendors in this sector and will help decision makers evaluate solutions and decide where to invest.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.