News Archive

Blog

Why CIO should put GRC on the New Year’s resolution list

GRC (Governance, Risk Management, Compliance) is one of the best-known and least understood buzzwords in IT today. As is too often the case, a variety of stakeholders have seized on the expression and defined it any way they choose. Nevertheless, GRC belongs right up there on your list of New Year’s resolutions because it is (or should be) an essential part of overall IT strategy. As the term itself implies, GRC covers a range of crucial topics which all deserve to be examined separately and closely. Governance is the umbrella phrase since it describes the overall concept of proper (as in...

Blog

Will IBM change the way we do PAM (or PIM or PUM)?

I've blogged several times about PAM (Privileged Account/Access Management) in the last few months, stating that I expect more integration of PAM with existing IAM applications (Here, here, here, and here). Now IBM is moving forward on this with their PIM offering. It's interesting to observe what IBM is doing these days. There hadn't been that many news from IBM for a pretty long time. But this year IBM has increased its speed significantly. The release of TIM 5.1 with many significant improvements, their approaches around risk and compliance with tight integration to TIM as well as other...

Blog

CapEx and OpEx – the latest thing in IT buzzwords

Talking with IT decision makers these days, it seems that two new terms keep cropping up, namely the abbreviations “CapEx” and “OpEx”. They stand, of course, for “capital expenditures” and “operational expenditures”. Both have been borrowed from economic parlance but are now widely used in IT Speak, too. Broadly, CapEx is something you want to avoid, while OpEx is something you want to keep under control. To do that, IT people have two available options, one of them simple, the other kind of tricky. The easy one is leasing which means avoiding the need to tie up tight budget in expensive...

Webcast

Provisioning Trends: Schlank, voll automatisiert, kostengünstig

Kuppinger Cole Webinar recording

Webcast

How to Start: Recertification or Active Access Controls First?

Kuppinger Cole Webinar recording

Webcast

How to Efficiently Implement SoD Controls: Which Level Works?

Kuppinger Cole Webinar recording

Webcast

XACML: The Holy Grail of Access Governance?

Kuppinger Cole Webinar Recording

Blog

The simple cloud API - a step forward?

Some few weeks ago, the "Simple Cloud API" has been announced. The company behind this is Zend technologies, which calls itself "The PHP Company". More important is the fact that Microsoft and IBM are amongst the supporters of Simple Cloud API. That means that there is a significant momentum behind that approach from the very beginning. One could argue that this is just another standard or API besides so many approaches we've seen recently. However, the Simple Cloud API is somewhat unique for some reasons: It is focused on PHP. You may like PHP or not but it is an important language for...

Webcast

5 Golden Rules for Efficiently Implementing Access Governance

Kuppinger Cole Webinar Recording

Webcast

Getting the Big Picture: How Access Governance fits into IT Governance and Risk Management

Kuppinger Cole Webinar Recording

Webcast

The Three Elements of Access Governance: Recertification/Attestation – Access Control – Privileged Access Management

Kuppinger Cole Webinar Recording

Vendor Report

Vendor Report: TESIS SYSware

TESIS SYSware, part of the TESIS group, is a private company located in Munich. The group consists of three divisions that are involved in a variety of IT fields. TESIS SYSware’s (hereafter referred to as TESIS) core business is in IT security and identity management. They are a provider of standardized software for these markets. The company’s focus is on password, privileged account and access management solutions for Windows file servers. As a specialized provider in the IAM market, TESIS is not well known. However, TESIS has powerful products and, for a company of its...

Blog

Vendors - lemmings or another species?

I had several interesting discussion with some vendors about the future of some market segments in the IAM market. And when I look at these markets (and many other IT markets, including the emerging cloud market) one thing becomes obvious: Established vendors tend to act as sort of lemmings. What do I mean by that? There is an idea that appears to be successful for one vendor. Then other vendors tend to follow without really analyzing whether this is really the best approach. They frequently claim that their customers are requesting that type of solutions. But: Their customers are...

Blog

No Information Security Without Identity

IT professionals often have trouble convincing the budget managers that the often costly projects in Identity and Access Management (IAM) are really necessary. That should come as no surprise, since most of them belong to the category “IT infrastructure”, and it’s always hard to show a true ROI on something as fundamental as that. However, in lean times like these the boss man is more inclined than ever to demand a return any type of expenditure. So what is the poor IT guy to do? One way is to use "soft" sales arguments, and that's why compliance has become so popular recently. It...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

Modern Cybersecurity Trends & Technologies Learn more

Modern Cybersecurity Trends & Technologies

Companies continue spending millions of dollars on their cybersecurity. With an increasing complexity and variety of cyber-attacks, it is important for CISOs to set correct defense priorities and be aware of state-of-the-art cybersecurity mechanisms. [...]