Blog by Martin Kuppinger

How to Grant Access Right
Find out about the importance of context for Identity Risk Management.  Watch the insightful interview Martin Kuppinger had with David Pignolet from SecZetta on the EIC 2021.
Read More
Rest in Peace, Kim Cameron
Digital identity thought leader Kim Cameron´s passion for fundamentally influencing the way we think about, and deal with privacy and digital identity, has brought us where we are today and will endure forever. On 30 th November, 2021, Kim passed away after his courageous battle with cancer. We will continue to honor him by living by his ideals that he expressed back in 2005 with his 7 Laws of identity . User Control and Consent, Minimal Disclosure for a Constrained Use, Justifiable Parties, Directed Identity, Pluralism of Technologies, Human Integration, Consistent...
Read More
Managing Access and Entitlements in Multi-Cloud Multi-Hybrid IT
Introducing DREAM (Dynamic Resource Entitlement and Access Management) Paradigm for managing all access of everyone and everything to all resources consistently in a multi-cloud multi-hybrid environment. Policy-based, automated, consuming the current state of services & infrastructure. Shifting from identity & security siloes to a holistic, integrated concept. Start tactically now with CIEM, PAM, etc., but go on to strategic measures. Managing identities, managing entitlements, and managing access has become way more complex than ever before, in dynamic, multi-cloud,...
Read More
Making DevSecOps a Reality and Going Beyond – Introducing SODAS (Secure Operations & Development of Agile Services)
A paradigm for aligning Development, Delivery, Infrastructure Setup & Management, and Operations in a seamless manner, with identity & security always at the forefront. Policy-based, automated, and with well-segregated but aligned responsibilities. DevOps, an integrated approach for development and operations of software and services, and DevSecOps, adding a security angle, have been around for close to a decade. While DevOps became an established principle, combining agile software development and the subsequent operations, DevSecOps – despite being intensively...
Read More
IT for the Digital Age: Introducing BASIS – Business-Driven Agile Secure IT as a Service
A paradigm for unified delivery of IT services to the business demand, based on automated, policy-based management, and supported by the unification of heterogeneous multi-cloud multi-hybrid IT environments following a services-based approach. Businesses need to reinvent themselves continually in the Digital Age. Every business is a Digital Business today, that needs to deliver and improve Digital Services that differentiate it from the competition. This requires an IT that is built to deliver to the business demand in an agile, yet secure and well-controlled manner. This will work...
Read More
CIO Advice: How to Make Your Digital Business Fly
Doing IT right is the premise for delivering time-to-value in the Digital Journey. Success requires an agile IT for delivering secure Digital Services on time. Virtually all organizations have become digital at least to a certain extent in the past three decades since the World Wide Web (already an old-fashioned term) took off. But we are still on that journey. There is a good reason not to name this Digital Transformation, but Digital Journey. It is not about transforming from the analog to the digital state, but an ongoing journey. This journey is driven by ever-changing business...
Read More
Microsoft further strengthens Identity and Security offerings by CloudKnox Security acquisition
Microsoft last week announced another acquisition, a few days after announcing the acquisition of RiskIQ . This next acquisition is CloudKnox Security , a vendor offering unified privileged access and cloud entitlement management. These technologies, sometimes also referred to as CIEM (Cloud Infrastructure Entitlement Management), are essential for getting a grip on entitlements and access to cloud resources in multi-cloud and multi-hybrid environments. Permission Management for hybrid cloud infrastructures The CloudKnox Cloud Permissions Management Platform delivers a range of...
Read More
Where Workflows, Service Management, Digital Identities, and Work From Home Meet
Simplifying access to IT services by building on platforms for IT workflows and beyond ServiceNow, over the past few years, has emerged as one of the leaders in the ITSM (IT Service Management) market and beyond to what today is named ESM (Enterprise Service Management). In fact, the evolution of that market has helped ITSM leave the bunker of IT, and become a strategic element for businesses. ESM today is much bigger and more important than ITSM ever was The reason is that ESM supports organizations in business process optimization, based on central platforms with centralized...
Read More
Informatica is Moving Data Management to the Cloud
Introducing Intelligent Data Management Cloud (IDMC) as a Comprehensive, Cloud-Native, and Cloud-First Approach to Data Management Data is the new gold, the new oil, or whatever. In the cloud, you only own the data, but not the applications, systems, or networks anymore. Data is essential for Digital Transformation. There is so much data that is sprawling that it is hard to keep control of it. And, within the SaaS and PaaS tenants, data is what belongs to the tenant. Many organizations fail in managing this data sprawl and implement appropriate Data Governance. Data Is Ubiquitous:...
Read More
Managing Access to Your Business Applications: Breadth vs. Depth
I’ve been in IT long enough to remember when business applications were home-grown and written in COBOL. In the early stages of my career, I even gave computer classes on the standard algorithms for good COBOL programming, such as sorting and grouping. In the more than three decades since, I’ve seen SAP R/3 being discussed as the revolutionary approach for business applications, moving these from mainframes into client/server models. I’ve seen the emergence of the first SaaS applications, with some such as Salesforce or Ariba still being around. I’ve seen the...
Read More
SailPoint to Strengthen Their SAP Access Control and SoD Control Capabilities by Acquiring ERP Maestro
This week, SailPoint announced their intent to acquire ERP Maestro , a SaaS-based solution for monitoring SoD controls and manage access controls in business applications such as SAP. This announcement fits well into the SailPoint strategy of expanding their core offerings IdentityIQ and IdentityNow with additional SaaS services, such as AI-based identity analytics and, now, capabilities for in-depth management and control of access in business applications. Acquisition will help SailPoint in further expanding their offerings for business applications This acquisition also fits...
Read More
Centrify & Thycotic: Will 1+1 be 2? Or less? Or more?
TPG Capital acquiring Thycotic in addition to Centrify, but leaving many questions unanswered Mergers and acquisitions are not uncommon in the tech industry, specifically in software. Even in the specialized area of Privileged Access Management (PAM), currently a $1.4bn market according to the KuppingerCole market sizing data, there have been several acquisitions in recent years. Despite its relatively small size, competition within the PAM market is fierce and it attracts startups and investors who realize that PAM has performed a growth spurt in the last years. This was due to both...
Read More
Previous 1 2 3 4 5 6 7 Next