IGA provider Omada stresses intelligence, management upgrade in next generation of Omada Identity Cloud

New capabilities include peer analysis into Segregation of Duties controls, a new Active Directory connector, and their first connector for Google.

Denmark-headquartered Omada has released the next generation of their Omada Identity Cloud IGA Software-as-a-Service offering. The advances in the cloud-native offering focus on new intelligence and management features, and include new peer analysis capabilities, improved Active Director connectivity, and the company’s first Google Connector, for Google Workspaces.

Omada plays in the IGA [Identity Governance and Administration] space, which used to be called IAM [Identity and Access Management]. IGA layers on top of synchronization, providing birthright access when a new user comes on board, but also handles access certification. Omada Identity Cloud lets organizations  manage identity lifecycle, policy and role management, access requests, and access certification and fulfillment with automated provisioning and service tickets. Many configurable models are available out of the box.

The company has been in business for twenty years.

“We have always been in IAM, with a focus on trying to be complementary to the entire Microsoft strategy, running in conjunction with Microsoft doing the IAM components,” said Rod Simmons, Vice President of Product Strategy at Omada. “After 20 years, this Microsoft strategy is still a piece of the business, but we now cover the full IAM and IGA stack.”

Like all long-time enterprise software companies, Omada started out on prem, but their cloud version is now a majority of their deployments.

“Cloud is transitioning to the majority,” Simmons said. “We launched our cloud version a year and a half ago, and it is now over 50-50 in our deployments. About 80% of our new sales are cloud.”

Simmons said that while all vendors have their own unique aspects, Omada emphasizes two key pieces on best practices. IdentityPROCESS+ is a comprehensive, best practice process framework for IGA, while Omada IdentityPROJECT+ is how we actually help customers with the project.

“Strong context is another differentiation for us,” he said. “Typically, employees have different personas with different types of access. We understand the context to grant the right access. Our easy connectivity is another differentiation. IGA was always heavy on code, which made upgrades hard. Our upgrade strategy is also different. The customer can pause major updates if they want, to give them time for testing and documentation changes.”

Customers are typically enterprise and midmarket.

“The sweet spot is 2000 employees up, where automation starts to make real sense,” Simmons indicated. “It’s also important in regulated markets with compliance. If you sell in Europe, you have a need for IGA.”

Omada has a hybrid channel strategy, which includes both reseller and MSP partners. They are also aggressively recruiting channel partners outside of their continental Europe base, where they are strongest. They are particularly looking for high quality partners in North America, the United Kingdom and Ireland.

“Our primary focus is integration partners, who can do implementations,” Simmons said.  Omada released their updated Partner Program earlier this year, and offers partners learning paths aligned to different technical and sales roles, for pre-sales, sales, solution design and architecture, implementation and administration skills.

The new version of Omada Identity Cloud adds peer analysis and in-line external risk checks built upon Omada’s Segregation of Duties [SoD] controls. SoD breaks down tasks into multiple tasks, to prevent any single person being solely in control of tasks that constitutes risks. Payment and approval of invoices would be an example. SoD separates them into individual tasks.

“The idea is to look for to toxic combinations you don’t want to exist,” Simmons stated. “What we have done here is extend that so that when you are determining access policy for an individual, you can see if their peers have access to what they are asking for. It provides more intelligence.”

The new version provides extended Active Directory connectivity through a new connector. This was simply a case of modernizing a tool that hadn’t kept up with user requirements today.

“Our first Active Directory connector limited customer flexibility to get everything they wanted,” Simmons said. “So we went back, and looked at how to make synchronization faster, and improve customer support around it. It now provides finer grain control for customers doing filtered connectivity, and has much faster import speed. It mirrors new, more modern connectors in the product.”

Omada has fewer customers on Google Cloud than on AWS or Azure, so it hasn’t had the same priority for a connector. This release adds the first one however, with a connection for Google Workspace. It now rounds out connectivity for the three largest cloud platforms.

“Customers on Google could use us there before,” Simmons noted. “We have a universal one, and we customized it for customers who needed Google. “This is the first officially supported Google connector, however, and it will make things easier for customers who use that platform.”

The new release also improves configurability with dynamic filtered views and forms that improve the user experience, without the need for custom code.

“Configuration is so important,” Simmons said. “We recently onboarded a partner who has worked with a competitive product, and we walked through the stack. He was amazed he didn’t have to walk through 15 different screens, or to write hundreds of lines of Java script to get what was wanted.”