News Archive

Executive View

Executive View: Centrify Privilege Service - 71326

Centrify Privilege Service is a shared account password management and access auditing solution, available as a service or for deployment in the cloud or on-premise.  

More

Executive View

Executive View: RSA Identity Governance and Lifecycle - 72503

RSA Identity Governance and Lifecycle is a complete solution for managing digital identities, both inside and outside the enterprise. The RSA solution covers all aspects of governance from attestations to policy exceptions and identity lifecycle, from provisioning to entitlement assignment to access reconciliation to removal.

More

Blog

The importance of consent management: CIAM vs. GDPR

Consumer identity and access management solutions are bringing value to the organizations which implement them, in terms of higher numbers of successful registrations, customer profiling, authentication variety, identity analytics, and marketing insights.  Many companies with deployed CIAM solutions are increasing revenue and brand loyalty.  Consumers themselves have better experiences interacting with companies that have mature CIAM technologies.  CIAM is a rapidly growing market segment. CIAM systems typically collect (or at least attempt to collect) the following...
More

Webinar

Feb 21, 2017: Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. This extends the risk surface. It is no longer about protecting some centralized servers in a well-secured data center, but about a sprawl of systems and services. More

Executive View

Executive View: Watchful Software RightsWatch - 70848

RightsWATCH automatically classifies and protects any file format in accordance with corporate policy based on content, context or metadata-aware policy rules, extending the Microsoft Right Management facility to ensure that sensitive and confidential information is identified and classified appropriately.

More

Blog

The Role of Artificial Intelligence in Cyber Security

Over the last few weeks I’ve read a lot about the role AI or Artificial Intelligence (or should I better write “Artificial” Intelligence?) will play in Cyber Security. There is no doubt that advanced analytical technologies (frequently subsumed under the AI term), such as pattern matching, machine learning, and many others, are already affecting Cyber Security. However, the emphasis here is on “already”. It would be wrong to say “nothing new under the sun”, given that there is a lot of progress in this space. But it is just as wrong to ignore the...
More

Blog

Grizzly Steppe – what every organization needs to do

On December 29th, the FBI together with CERT finally released a Joint Analysis Report on the cyber-attacks on the US Democratic Party during the US presidential election.  Every organization, whether they are based in the US or not, would do well to read this report and to ensure that their organization takes account of its recommendations.  Once released into the wild – the tools and techniques and processes (TTPs) used by state actors are quickly taken up and become widely used by other adversaries.  This report is not a formal indictment of a crime as was the case...
More

Executive View

Executive View: SAP HANA Cloud Platform Identity Authentication and Provisioning - 70290

SAP HANA Cloud Platform Identity Authentication and Provisioning is a cloud- based platform for provisioning and managing digital identities and access for SAP solutions and more.  

More

Blog

PSD II, Adaptive Authentication, and Multi-Factor Authentication

The upcoming updated Payment Services Directive (PSD II) will, among other changes, request Multi-Factor Authentication (MFA) for all payments above 10€ which aren’t done electronically. This is only one major change PSD II brings (another major change are the mandatory open APIs), but one that is heavily discussed and criticized, e.g. by software vendors, by credit card companies such as VISA, and others. It is interesting to look at the published material. The major point is that it only talks about MFA, without going into specifics. The regulators also point out clearly that...
More

Advisory Note

Advisory Note: Plant Automation Security - 71560

Industrial Computer Systems (ICS) are increasingly coming under attack as hackers are realizing the economic and reputational benefit of a successful operations technology system compromise. Organizations seeking to exploit their plant automation systems to drive business processes are deploying communications paths to their ICSs and raising the risk profile of their organizations.

More

Executive View

Executive View: TechDemocracy CRS&G Cyber Risk Governance Services Framework - 72536

Achieving risk governance and resilience, while ensuring protection from Cyber risks by creating a standards-based process framework focusing on a risk based approach and implemented using a complementary software platform.

More

Blog

Do you need a better IAM system to meet the GDPR requirements?

GDPR, the EU General Data Protection Regulation, is increasingly becoming a hot topic. That does not come as a surprise, given that the EU GDPR has a very broad scope, affecting every data controller (the one who “controls” the PII) and data processor (the one who “processes” the PII) dealing with data subjects (the persons) residing in the EU – even when the data processors and data controllers are outside of the EU. Among the requirements of EU GDPR are aspects such as the right to be forgotten, the right to edit the PII stored about one self, or the...
More

Blog

Accenture to acquire French IAM System Integrator Arismore

Just before Christmas Accenture Security announced the acquisition of French IAM system integrator Arismore, a company with about 270 employees and an estimated turnover of €40M. This makes Arismore a leading IAM system integrator in France, while also being involved in IT transformation initiatives. The acquisition follows other deals such as the acquisition of Everett by PWC earlier in 2016. Arismore is of specific interest because it also owns a subsidiary, Memority, which launched an IDaaS offering back in 2014. Memority is one of the various IDaaS offerings that are largely...
More

Executive View

Executive View: FSP Identity Governance and Administration Suite - 71324

Die FSP Identity Governance & Administration Suite ist eine Lösung zur Verwaltung des Identitäts- und Zugriffslebenszyklus und bedient somit den Markt für Identity Provisioning und Access Governance. Ein besonderer Vorteil des Produkts ist die Kombination von rollenbasierter und richtlinienbasierter Zugriffssteuerung in einer einzigen Lösung.

More

Blog

Is your software GDPR compliant? Is that the right question?

I hear this question being asked more and more  of vendors and of us analysts, whether a vendor’s software is GDPR compliant. However, it is the wrong question. The correct question is: “Does the software allow my organization to fulfill the regulatory requirements of EU GDPR?”. Even for cloud services, this (as “Does the service allow…”) is the main question, unless PII is processed by the cloud service. If an enterprise implements a software package, it still has the requirement for complying with EU GDPR. It is the data controller. If it uses a...
More

Blog

What Value Certification?

In the past weeks, there have been several press releases from CSPs (Cloud Service Providers) announcing new certifications for their services.  In November, BSI announced that Microsoft Azure had achieved Cloud Security Alliance (CSA) STAR Certification. On December 15th, Amazon Web Services (AWS) announced that it had successfully completed the assessment against the compliance standard of the Bundesamt für Sicherheit in der Informationstechnik (BSI), the Cloud Computing Compliance Controls Catalogue (C5). What value do these certifications bring to the customer of these...
More

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

Jennifer Haas, Communications Manager:
+49 211 23707731

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Learn more

IoT, IIoT & the Identity of Things

The industrial IoT segment continues to grow steadily. With all the new companies rushing to the market, it’s quickly becoming crowded, which inevitably leads to mergers and acquisitions, forming partnerships and growing ecosystems – in other words, the IIoT market is finally showing the signs of maturity. By the way, let the term “industrial IoT” not confuse you: IIoT is not limited by just industrial applications; it is going to expand into various market sectors. In fact, we cannot even define a clear border between the “consumer" and “industrial” [...]