Blog posts by Bettina Buthmann
The European Identity & Cloud Awards 2014 were presented last night by KuppingerCole at the 8th European Identity & Cloud Conference (EIC). These awards are honoring outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security. Numerous projects have been nominated by vendors and end-user companies during the last 12 months. Winners have been chosen by KuppingerCole analysts among the most outstanding examples of applications and ideas in the areas of IAM, GRC, and Cloud security. Additionally, one Special Award and the Lifetime Achievement Award have been given.
In the category Best Identity and Access Management Project, the award was granted to the UK Ministry of Defence for a project that enables flexible collaboration between suppliers, including small vendors.
The European Identity Award for the category Best Access Governance and Intelligence Project goes to Banca Intesa Beograd. They implemented an Access Intelligence solution that provides insight into access risks not only for IT administrators, but for the various business departments. Thus, the workload for producing reports on access rights and risks for both auditors and the business is significantly reduced.
Another award has been given to NXP Semiconductors, based in the Netherlands. The category of this award is Best Cloud Security Project. NXP Semiconductors has implemented a Cloud-based IAM solution, managing access of users to a number of Cloud applications, based on a Cloud service provided from within Europe and thus avoiding legal and regulatory complexity.
The award for Best Innovation/New Standard in Information Security in 2014 goes to Kantara Initiative for the UMA (User Managed Access) standard. This new standard allows users to regain control over their data and has a significant potential for improving privacy on the Internet.
In addition, there has been a Special Award for Best Innovation for Security in the API Economy. The API Economy describes fundamental changes in the way organizations and systems interact over today's Internet, based on machine-to-machine communication via “Application Programming Interfaces” (APIs). The award went to IETF (Internet Engineering Task Force) for the new JWT/JOSE specifications that build the ground for secure API-based communications and is essential for future secure mobile communications and the IoEE (Internet of Everything and Everyone).
Finally, KuppingerCole presented the Lifetime Achievement Award to Ann Cavoukian, Information and Privacy Commissioner for Ontario, Canada. Ann Cavoukian has developed the concept of “Privacy by design” that describes fundamental concepts for privacy and seeks to proactively embed privacy into the design specifications of information technology, organizational practices, and networked systems.
The European Identity & Cloud Awards 2013 were presented tonight by the analyst group KuppingerCole at the seventh European Identity & Cloud Conference. This award is honoring outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security. Numerous projects have been nominated by vendors and end-user companies during the last 12 months. Winners have been chosen by KuppingerCole analysts among the most outstanding examples of applications and ideas in the areas of IAM, GRC, and Cloud security. Additionally, four Special Awards and the Lifetime Achievement Award have been given.
In the category “Best Identity and Access Management Project”, the award goes to Virgin Media for the implementation of highly polished access control mechanisms with IAM technologies for the WiFi network of the London Underground metro system. This project went live for the 2012 Summer Olympics and had to meet very demanding requirements for high performance user authentication.
In the category “Best Access Governance and Intelligence Project” two awards have been presented to Deutsche Bank AG and Swiss Reinsurance Company Ltd. Both companies have developed outstanding projects in the Access Governance field. Deutsche Bank AG has implemented complex access rules across the borders of business units, thus taking the leading role in the worldwide financial industry. Swiss Re has implemented a complete infrastructure for dynamic access permissions management, an important milestone in their architecture.
The award for the “Best Cloud Security Project” went to Evry ASA for their multitenant IAM infrastructure in the cloud with an impressively sophisticated security model, which, among other mechanisms, also supports authentication with national ID cards.
In the “Best Approach on improving Governance and mitigating Risks” category, the award has been presented to UKH (University Hospital) Hamburg-Eppendorf. They have protected their internal PC systems from unauthorized privileged access, while ensuring that IT service operators can still easily access the systems for support tasks. The project has provided massive improvements in sensitive data protection.
OAuth 2.0 has received the award in the “Best Innovation/New Standard in Information Security”. OAuth 2.0 is the most important new standard in the IAM field, which already enjoys broad recognition and support by the leading vendors on the market.
This year, the “Lifetime Achievement” award has been presented again, and this time it went to Kim Cameron, who has greatly contributed to the Identity Management field with his “Seven Laws of Identity” and who continues to shape the IAM field with new ideas.
Finally, four special awards have been presented.
A special award “Bridging the Organizational Gap between Business and IT” has been presented to Volkswagen Financial Services. VWFS AG has developed an outstanding and exemplary approach to the organizational structure for their Access and Identity Management Program, thus ensuring their business/IT alignment.
Another special award for “Rapid and Lean Implementation of IAM/IAG” went to E.ON Global Commodities. Their impressive Access Governance project demonstrates the possibility to implement IAM projects quickly in the most complicated application environments.
A special “Rapid Re-design and Re-implementation of the entire IAM” award has been presented to Schindler Informatik AG. This company has not only built an identity provisioning infrastructure for their project, but also performed a client migration to the new Windows version and restructuring of their Microsoft Active directory, working on several complex projects in parallel. At the same time, their HR has been standardized, forming a reliable information source for their IAM.
Finally, HypoVereinsbank has been awarded for their “Integration of Provisioning and Access Governance in a Complex Banking Environment” project for its business focus, global scale and groundbreaking approach to efficient onboarding of business applications.
The European Identity Awards 2012 honoring outstanding projects and initiatives in Identity Management, GRC (Governance, Risk Management and Compliance) and Cloud Security were presented yesterday by the analyst group KuppingerCole at their annual event, the European Identity Conference 2012 in Munich. Winners were chosen from a shortlist of exemplary projects and initiatives compiled by the analysts at KuppingerCole, end-user companies and vendors during the last 12 months. Award winners have all distinguished themselves through exceptional efforts in Identity and Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security.
In the category "Best Identity and Access Management Project" the award went to Siemens AG. Siemens was awarded for their project DirX HRS service, which allows the use of hybrid cloud environments in a secure and verifiable way. The project is based on a flexible, scalable, standards-based architecture and uses dynamic, complex workflows to model the business rules for access approval.
In the category "Best Access Governance and Intelligence Project", the award goes to Europol. Europol has implemented a strategic IAM (Identity and Access Management) project, enabling centralized auditing across all IAM-modules. It is expandable to implement future requirements in a highly sensitive environment with a large number of external partners. It also involves real-time monitoring.
In the category "Best Cloud Security Project" two differently designed projects were awarded.
One award goes to Daimler AG for its project to secure its enterprise wide, cloud-based collaboration solution with strong authentication and an approach that ensures that sensitive credentials always remain within the corporate IT.
The second award goes to Sanofi S.A. for their approach to support for identity federation, which was implemented in a very short time frame and is characterized by a high level of acceptance of business users. This defines the foundation for further, timely support of business requirements in an agile business environment.
In the category "Best Approach to improving governance and mitigating risks", the prize goes to the Aéroports de Paris SA, the operator of the Paris airports. The company has implemented a privilege management solution that supports compliance requirements and integrates with security scanning solutions for the systems. This compliance processes have been optimized and complexity reduced.
The award for "Best Innovation / New Standard in Information Security" goes to OpenID Connect as a standard to support the authentication of users, which makes it easier to meet this requirement on the Internet and cloud environments.
The "Lifetime Achievement Award" goes to Prof. Dr. Reinhard Posch, CIO for the Austrian Federal Government, for his far-reaching, exemplary and successful efforts to implement identity and access management in public administration and in interaction with citizens.
Finally, a "Special Mobile Security Award" was given to Swisscom. The recipient of this award has been distinguished for its mobile ID solution, which, based on industry-standard hardware (SIM cards), enables secure authentication and other security services on mobile devices. Designed for easy use by business customers and – later - private users, the system is supported through managed services. This approach is an excellent example of how security can be increased in this critical area in a practical way.
The European Identity Award 2011 honoring outstanding projects and initiatives in Identity Management was presented on Wednesday by the analyst group KuppingerCole at their annual event, the European Identity Conference 2011 in Munich. Winners were chosen from a shortlist of exemplary projects and initiatives compiled by the analysts at KuppingerCole during the last 12 months. Award winners have all distinguished themselves through exceptional efforts in Identity and Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security.
The European Identity Award highlights implementations and programs that the analysts of KuppingerCole believe have the potential to advance the awareness for and business value of digital identity in the context of business and commerce.
In the category Cloud Provider Offerings the winner is WSO2 for providing a multi-tenant Identity as a Cloud Service with OpenID and XACML support, build on an open-source platform, with several innovative features and migrating an on-premise solution to a full cloud service.
A special award for Integrated Identity & Access Management, a key topic of this year’s EIC, gone to Telefonica O2 Czech Republic for their successful deployment of a large scale IAM implementation covering provisioning, SSO, Audit, efficient application on-boarding, and more.
As best GRC (Governance, Risk Management & Compliance) project the BT Managed Fraud Service has been selected, a shared service providing real-time assessment of online transactions and analyzing fraud.
In the category Privacy the winners are Qiy and connect.me, delivering Innovative approaches to manage the personal identity in the Internet.
Two awards were granted in the category Identity-related eGovernment projects. One goes to Postecom for their CECPAC project, a certified, free mail platform open to all Italian Citizens for their communications with Public Administrations. The other goes to tunnistus.fi and the KATSO consortium for their Government to Citizen/Business services established in Finland, now used by more than 70% of the Finnish companies.
European Identity Award for outstanding projects, innovations and advancements in the field of digital identity management was presented by the analyst group Kuppinger Cole at a festive ceremony at the European Identity Conference 2010, the leading European venue for Identity and Access Management (IAM) and Governance, Risk Management and Compliance (GRC) in Munich. Awards were given in six categories. Besides the award for “best innovation” in IAM or GRC, the categories include best program or initiative in internal projects, B2B, B2C, Cloud Computing and eGovernment/eHealth.
In the category “Best IAM Project in Cloud Computing”, the award went to three projects run by single hosting providers or as multi-client cloud services. The first went to Orange FT Group of France for their innovative solution involving authentication of multiple identity and service providers within federated environments. Another award went to BasisOne, a hosting provider based in South Africa with a strong focus on SAP solutions, for an infrastructure project involving IAM technology provided by Novell. The third award was received by Piaggio Group of Italy for a hosted IAM solution based on products by Engiweb and focusing on defined, enterprise-wide business processes.
On the occasion of the European Identity Conference 2009 (EIC), the leading European event for Identity and Access Management (IAM) and GRC (Governance, Risk Management, and Compliance), the analyst firm Kuppinger Cole conferred the European Identity Award. The award recognizes outstanding projects as well as innovations and additional developments of standards.
There are six categories for the award. In addition to best innovation in the areas of IAM and GRC, and the best new or improved standards, the best projects of the past 12 months for the categories internal projects, B2B, B2C, and eGovernment are honoured.
Manufacturers, system integrators, consultants, and user enterprises were encouraged to propose candidates for the award. Kuppinger Cole also included projects they had encountered during their own analyses activities. Up to three outstanding projects and innovations were selected as recipients of the awards from the group of proposed candidates.
In the category "Best innovation", the award went to the OpenSSO initative, founded and supported by Sun Microsystems. Their project, OpenSSO Fedlet has provided a lean solution for the Identity Federation. Another award goes to the companies Yubico and AXSionics for their respective innovations in the area of strong authentication, which provide easier solutions for use on the internet and in the context of user-centric identity management. Another award in that category went to Microsoft for their Geneva project, in which federation becomes part of user containers - in the view of Kuppinger Cole, one of the most significant enhancements for future use and dissemination of the Identity Federation.
The European Identity Award for the category "Best new or improved standard" went to the Aristotle Project for ArisID, an important enhancement of IGF (Identity Governance Frameworks) and CARML, which enhances user-friendliness of these important standards for IAM and GRC. This particular innovation had been promoted and supported by Oracle. The standardization initiative OAuth (Open Authentication) receives an award for their streamlined approach for authentication standardization, which finds a lot of market interest. The last award in this category goes to the Information Card Foundation (ICF) for standardizing the important approach of Information Cards for future identity management.
One of the awards in the category "Best internal IAM/GRC project" went to Enel SpA, the largest energy supplier in Italy, for their nationally implemented large-scale project with full IAM and GRC integration, in which sophisticated SoD controls are used, and for which role management was widely implemented. Another award goes to Deutsche Bank AG for their GRC implementation in the financial sector, which provided fast implementation of control functions for user authorizations. And last but not least, one award goes to ECCO Sko A/S, a Danish shoe manufacturer, and Helvetia Insurance in Switzerland. These companies provided solutions for IAM and GRC implementations for the integration into other systems, e.g. Lifecycle Management and License Management (ECCO) and their respective procurement workflows (Helvetia).
One of the awards for "Best IAM/GRC project for B2B" went to Citi for their Global Transaction Service, which supports secure transactions for their B2B customers. The next award went to the Swedish BankID Consortium for their successful solution in the area of electronic ID, which can be utilized by their employees, partners, and clients, and has already been well established. The last award in this category goes to swissgrid ag, which recognized their approach for identity management in the electricity sector, where challenges are growing continuously more complex due to deregulation, and solutions need to be realized far beyond the boundaries of individual enterprises.
One of the European Identity Awards in the category "Best IAM/GRC project for B2C" goes to the Department of the Interior of the Czech Republic for their project CzechPoint, a kiosk-based approach, with which citizens can utilize eGovernment functions, and which significantly simplifies processes for both citizens and the state. Another award goes to the London Borough of Newham for their first implementation of Information Cards in eGovernment, which simplifies access to their services for citizens (clients).
One further award in the category "Best IAM/GRC project for eGovernment" went to the city of Cologne; their project successfully transformed their internal IAM solution with a strong service management component into a common service center, which can also be utilized by other communities in the region.
Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]