Sean Ryan

Senior Analyst

Author Insights


S&R Forum 2021: Passwordless Authentication Adoption Is Gaining Momentum

Sean Ryan November 8, 2021
Passwordless authentication, in the form of inherence factors (e.g., fingerprint, facial) or in the form of possession factors (e.g., device, app, token/certificate) and supplemented by other factors (e.g., location, user behavior), is an emerging authentication technology that will protect organizations from brute force attacks, credential stuffing, phishing, and social engineering tactics. If carefully selected and […]

Perspectives On One Identity’s Acquisition Of OneLogin

Merritt Maxim October 8, 2021
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]

Security Recommendations 2021: Taking Stock For The Long Term

Sean Ryan March 23, 2021
After a tumultuous period of reactive steps, now is the right time for security and risk pros to get their long-term plans back on track.

Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B

Andras Cser March 4, 2021
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.

GRC And IAM — Better Together

Sean Ryan February 11, 2021
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.

It Is A Privilege To Announce The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020

Sean Ryan November 19, 2020
Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]

Dealing With The Access Hoarders In Your Organization

Sean Ryan November 11, 2020
Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]

CyberArk Scoops Up Idaptive

Sean Ryan May 14, 2020
Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.

Security Recommendations 2020: What To Focus On

Sandy Carielli April 27, 2020
Our team of security and risk analysts spent the past few months brainstorming and curating tactical and strategic advice designed to improve your security programs for 2020 and beyond . . . and then along came the COVID-19 global pandemic. In the midst of this, firms are undergoing a shuffle of priorities to accommodate a […]

Privileged Identity Management Solutions Must Secure Growing Diversity Of Use Cases

Sean Ryan April 9, 2020
Last week, Forrester published its latest overview of the privileged identity management (PIM) market, which can be found here. In it, we provide an overview of the 17 leading PIM vendors and categorized each vendor as either a PIM specialist or PIM suite provider , along with a market segmentation based on geography and annual […]

A Spike In Home Workers Raises MFA Resilience Questions

Sean Ryan March 17, 2020
Building a parallel VPN entry point or swapping MFA vendors is costly. Plus, there is the increased risk of expired tokens, user confusion, and system upkeep. In short, these challenges are daunting to implement and introduce new challenges. Take these four steps to develop an MFA resilience plan.

Passwords Belong In Time Capsules, Not IT Ecosystems

Sean Ryan March 5, 2020
Threats from ever savvier cybercriminals demand better, more comprehensive responses.

Rock ‘N’ Role — The Art Of Managing Employee Roles And Access For Dynamic Business Models

Sean Ryan February 13, 2020
Access control in the era of dynamic business is a growing challenge for security pros. Learn about the new scenarios that need to be addressed and the solutions available to S&R pros today.

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.

Two-Factor Authentication (2FA) Or Multifactor Authentication (MFA)? That Is The Question

Sean Ryan October 29, 2019
We, as security practitioners, need to be mindful about what we mean when we say “2FA” or “MFA.” These terms are often used interchangeably. The confusion is understandable, since 2FA is a subset of MFA. However, just like Halloween candy, MFA (including 2FA) comes in many flavors. Let’s unpack these terms and consider the various […]

Meet Your New Identity And Access Management Research Analyst

Sean Ryan October 8, 2019
As of September, I’m the new identity and access management (IAM) analyst on Forrester’s security and risk research team. I am grateful to have joined a very talented group of analysts at a company that is fun, intellectually stimulating, and committed to high-quality, objective research. In my role, I will be taking over some of […]