Saviynt Blog | Security News and Research

Assessing Converged Identity Platforms (CIPs)

Written by Greg Liewer | Mar 8, 2023 8:00:00 AM
CIPs Offer a Variety of Capabilities That Vary Widely Depending on the Vendor and the Initial Problem They Were Designed to Solve. Here’s How To Choose.

The lifecycle of technology innovation and adoption is a never-ending cycle. Technologies are developed to solve a specific problem. The market is then inundated with these point solutions that sooner or later incrementally add functionality. These point solutions then evolve, blend and merge to help solve a larger overarching challenge. And then, the cycle starts again as new point products are developed for a new problem. It’s a technology circle of life so to speak.

This is the same pattern identity security has followed. As networks developed, the need for access management arose, closely followed by the need to govern and administer the growing number of identities with access to applications. Identity security products related to governance, privileged, third-party, and other areas of identity security evolved separately. And as they have matured, they’ve begun to coalesce into converged identity platforms (CIPs).

The reasons capabilities coalesce and converge are associated with the management headaches and cost pressures of having to maintain so many different systems. IT teams don’t have the manpower to learn and manage so many different systems in an increasingly complicated identity landscape, while company leadership is looking to optimize performance and cut costs.

But what constitutes a converged platform? What are the benefits of a CIP? And what should organizations look for when adopting a CIP?

What is a Converged Identity Platform?

In its simplest form, any converged platform is a combination of distinct products and capabilities that share a common delivery framework, management interface (the infamous single pane of glass), and multiple capabilities that seamlessly interact with each other. CIPs offer a variety of capabilities that vary widely depending on the vendor and the initial problem they were solving (i.e. IGA, PAM, third-party governance, etc).

The Three Types of CIPs: Integrated, Dis-Integrated, and Light

Integrated: CIPs have a single underlying platform, where all components share the same codebase and all components are managed from a single, centralized interface. They also have a centralized warehouse that consolidates identities from a variety of authoritative sources into one repository. This repository has visibility into all identities, regardless of where they are located, to perform advanced analytics on what identities have access to and how that access is being used. Machine learning algorithms are able to correlate risk across different security components and provide holistic and preventative SoD management.

Dis-Integrated: CIPs are a combination of different products converged from different platforms, code stacks, and potentially multiple vendors due to M&A activity. These products do not share the same code and when one is updated, it may cause issues with other capabilities and features of the “platform”. Providers of dis-integrated platforms may still require on-premises components to provide comprehensive visibility and feature sets to manage identities in multi-cloud and hybrid environments, creating longer implementation cycles and possible management challenges.

Light CIPs: Light CIPs combine several different components and capabilities, but lack the robust features and functionality of other platforms. Light solutions are good for organizations that utilize straightforward workflows and processes. They may be a good fit for smaller organizations with limited administrative support or those not in highly regulated environments. Depending on the needs of the organization, additional point products may need to be purchased at the same time or in the future to patch over missing capabilities.

The Benefits of a CIP

When assessing CIPs it’s important to look at not only your immediate needs, but those further in the future. If you’re in an industry that doesn’t have a lot of regulatory oversight, a small support team, or that doesn’t have a complex identity environment, a light solution may be the way to go. But planning should also include a best-case attempt at future-proofing your environment to prevent a cycle of ripping, replacing, and migrating technologies as much as possible.


Insufficient planning could result in increased infrastructure and management costs as organizations may have to deploy two or more platforms to create the illusion of a single architecture. Increased management needs, use of professional services for initial setup and maintenance, and downstream impacts on other components when upgrades to one component are made are frequently cited concerns with these types of solutions.

At the end of the day, a CIP should help you:

  • Simplify identity security programs
  • Reduce technology/security stacks
  • Decrease management and maintenance costs
  • Shrink the threat landscape
  • Future-proof technologies and programs
  • Remove manual processes
Saviynt’s Enterprise Identity Cloud (EIC)

Saviynt Enterprise Identity Cloud is a converged identity platform that consolidates management of multiple IAM capabilities, including IGA, privileged access management (PAM), and third-party, application and data access governance in a single solution that unifies identity management. This convergence allows large organizations to quickly adopt a full-featured, identity security platform while allowing smaller organizations to efficiently deploy lightly and build to an enterprise deployment as their needs change and grow, without having to rip and replace existing infrastructure, or add more point technologies.

The architecture of Saviynt’s EIC lets organizations leverage existing technologies an organization may have and provides bring-your-own (BYO) capabilities to bring existing technologies with you, including existing access management systems.

Adopting a converged identity platform should help organizations simplify their IT and security stacks while providing strong identity security management. Reducing the number of different platforms and technologies needing management speeds the identification and remediation of negative findings. By consolidating capabilities and maintaining as much flexibility as possible, organizations can simplify management, increase productivity and ROI, and future-proof technology stacks.