KuppingerCole Blog

Blog

Identity Access – The Immature Industry

Allan Foster thinks the identity and access management industry is an immature industry mostly because it is still thinking in siloes. He will elaborate on this idea in his keynote Access Control – The New Frontier on Thursday, May 12, 2022, 9:10 am at the European Identity and Cloud Conference 2022 . To give you a sneak preview of what to expect, we asked Allan some questions about his presentation. You have been involved in Identity for many years now. Have we solved all the Identity Problems? Well, wouldn't that be nice, right? We wouldn't even have to have a...

Blog

Zero Trust: CISOs No Longer Need to Choose Between Usability and Security

Among the longstanding challenges that information security leaders have grappled with for years, one stands out: the difficulty of balancing user experience and security. The traditional tug-of-war between ease of access to business-critical applications and resources and robust protection from hackers has never been easy. Until now. The unprecedented demands that the COVID-19 pandemic have placed on IT and security teams have tested their flexibility, inventiveness and resolve. But they’ve also had a silver lining. Across industries — particularly in those that are...

Blog

Google is Buying Mandiant to Boost Customer Protection Against Multi-Cloud Threats

Yesterday, Google has announced its intent to acquire Mandiant , a leading provider of cybersecurity defense and response services, for $5.4 billion – the company’s second-largest acquisition to date. When the deal is closed, Mandiant will join Google Cloud, further expanding its new parent company’s portfolio of security services, both in its own cloud and across multi-cloud and hybrid environments. To be completely honest, my initial reaction was somewhat akin to “Oh, poor Mandiant, they just won’t leave it alone…” After all, the company...

Blog

Autonomous Machines Transforming Business

Comprehending the Current and Future Transformation of Business by Autonomous Machines Self-driving cars! Not so fast, autonomous devices include much more than just vehicles. Autonomous devices perform their function using data it collects from its surroundings and acts based on its analysis of that input . This is often combing AI/ML and edge computing so that the device can operate without direct commands from an operator. It is not automatic, where it follows a rule-based logic that do not account for changes in the environment. Autonomous devices are often closely associated...

Navigator

Implementing Decentralized Identity

The world is becoming digital, which means we increasingly need an effective, trusted, and convenient way to prove our identity as we interact with digital services from governments, retailers, and other service providers because we can no longer easily use things like driver’s licenses in a digital environment. A digital equivalent that could be held by individuals and accepted by all service providers would make it much easier and safer to do business online. Digital citizen IDs can be used to access some government services, but they are not widely accepted. We need a...

Blog

Global Identity Networks: How to Leverage Them for Business Benefit

The organization that is ready to onboard pre-verified customers should pay attention to global identity networks. The organization that is ready to provision, authenticate, authorize their employees, contractors, suppliers, etc. remotely and based on credentials verified by trusted service providers should pay attention to global identity networks. The organization that is ready to manage identities with data minimization built into credential sharing, and transparent audit trails to check the validity of those credentials should pay attention to global identity networks. Global...

Navigator

Access Controls for Business Applications

Critical businesses applications are no longer confined to on-prem SAP installations, with organizations moving rapidly to cloud-based systems offered by SAP and other vendors, which means many businesses are having to rethink their access-related risk management capabilities. For many organizations, critical systems are now found both on-prem and in the cloud. This makes it challenging to meet compliance requirements for managing risks, which typically includes managing access controls and SoD (segregation of duty) controls, as well as implementing adequate Access governance....

Blog

No Security Without Confirmation

Today's organizations require a tool for authenticating, encrypting data, or signing documents to ensure security and trust. Konstantin Krasovsky, from Indeed Identity, and Martin Kuppinger discussed what challenges lay ahead for organizations. Watch the interview now to find out more.

Navigator

Privacy and Consent Management

As discussed in the previous edition of KC Navigator, data is the lifeblood of the modern enterprise. However, that data needs to be well managed to deliver value to the business, and at the same time to ensure compliance with local and international data privacy regulations. This not only means providing adequate protection for personal data, but also means ensuring that you have obtained the necessary consent to use that data in the ways you are using it.  Privacy and Consent Management software tools have emerged to help modern enterprises cope with these challenges. These...

Blog

Identity Fabrics: Developing your IAM Program from Vision to Strategy

Are you bothered by the ubiquitous dichotomy between delivering to urgent demand and delivering to a strategy for your organization’s IAM (Identity & Access Management)? The one good news on that is that you are not alone. But there is more good news: You can get both, without unreasonable extra effort and without endlessly delaying any delivery. It is work and it will require some investment in time and maybe in money. But it works and it is an already proven approach. Not every practice qualifies for “best” practice The magic word in that is “best...