Blog posts by Martin Kuppinger

Blog

Is Your Software GDPR-Compliant? Is That the Right Question?

I hear this question being asked more and more  of vendors and of us analysts, whether a vendor’s software is GDPR compliant. However, it is the wrong question. The correct question is: “Does the software allow my organization to fulfill the regulatory requirements of EU GDPR?”. Even for cloud services, this (as “Does the service allow…”) is the main question, unless PII is processed by the cloud service. If an enterprise implements a software package, it still has the requirement for complying with EU GDPR. It is the data controller. If it uses...

Blog

It’s not about security vs. safety – it is about security and safety

When you’ve ever been involved in discussions between IT Security people and OT (Operational Technology, everything that runs in manufacturing environments) people – the latter not only security guys – you probably observed that such discussions have a tendency of not being fruitful because they start with a fundamental misunderstanding between the two parties. IT security people think about security first, which is essentially about protecting against cyber-attacks and internal attackers and the “CIA” – confidentiality, integrity, and availability....

Blog

Cognitive Security – the next big thing in security?

There are good reasons for the move towards “Cognitive Security”. The skill gap in Information Security is amongst the most compelling ones. We just don’t have sufficient skilled people. If we can computers make stepping in here, we might close that gap. On the other hand, a lot of what we see being labeled “Cognitive Security” is still far away from really advanced, “cognitive” technologies. Marketing tends to exaggeration. On the other hand, there is a growing number of examples of advanced approaches, such as IBM Watson – the latter...

Blog

Ping Identity Acquires UnboundID

Today, Ping Identity announced the acquisition of UnboundID . The two companies have been partnering already for a while, with a number of joint customers. After the recent acquisition of Ping Identity by Vista Equity Partners , a private equity firm, this first acquisition of Ping Identity can be seen as the result of the new setup of the company. The initial announcement by Vista Equity Partners already included the information that both organic and inorganic – as now has happened with UnboundID – growth is planned. The acquisition of UnboundID is interesting from...

Blog

Not So Dead Yet: Why Passwords Will Survive All of Us

There is probably no single thing in Information Security that has been claimed being dead as frequent as the password. Unfortunately, it isn’t yet dead and far from dying. Far from it! The password will survive all of us. That thesis seems standing in stark contrast to the rise of strong online identities. Also, weak online identities such as device IDs or the identifiers of things as an alternative to username and password will not make the password obsolete. We all know that passwords aren’t really save. Weak passwords such as the one used by Mark Zuckerberg –...

Blog

A Good Day for US Cloud Service Providers. And for Their Customers.

Back in 2014, a US court decision ordered Microsoft to turn over a customer’s emails stored in Ireland to an US government agency. The order had been temporarily suspended from taking effect to allow Microsoft time to appeal to the 2nd US Circuit Court of Appeals. I wrote a post on that issue back then and described the pending decision as a Sword of Damocles hanging atop of all of the US Cloud Service Providers (CSPs). While that decision raised massive awareness back then in the press, the news that hit my desk few days ago didn’t get much attention. In the so-called...

Blog

Blockchains go mainstream – IBM and Crédit Mutuel Arkéa blockchain implementation for KYC

IBM and the French Crédit Mutuel Arkéa recently launched the completion of a blockchain project that helps the bank verifying customer identities and remain compliant with KYC (Know Your Customer) requirements. In contrast to common, transaction-focused use cases for blockchain implementations, the focus in that case is on having a tamper-resistant, time-stamped ledger that supports the bank in identifying their 3.6 million customers. Customers, even more in banks with a lot of branch offices, have a variety of systems for managing customer identities. With the...

Blog

Know and Serve Your Customer: Why KYC is not enough

Know and Serve Your Customer: Why KYC is not enough Today’s connected businesses need to communicate, collaborate and interact with their customers in a way that’s more flexible than ever before. Knowing and, based on that knowledge, optimally serving the customer is key to success in the Digital transformation. Customer-facing IAM needed With the accelerating digital transformation, we intrude deeper into the subject of customer identity management than ever before. Several external drivers change economic partnerships, such as a different competitive landscape,...


KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Subscribe to our Podcasts

KuppingerCole Podcasts - watch or listen anywhere


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00