News Archive

Webinar

Apr 03, 2009: Controlling the Impacts of Recession on IT Security

As the recession is severely hitting most industries, type and quality of security threats are changing quickly. In this webinar, Martin Kuppinger will describe these threats and their impact on Identity and Access Management, GRC, Privileged Account Management, Data Leakage Prevention, and Information Rights Management.

Blog

The wild ride that was TEC 2009

I just came back from this year's Expert conference, TEC 2009. Last year it was still called the "Directory Expert's Conference" (DEC). This year the conference has been extended to include training on Microsoft Exchange as well, hence the name change. And of course not to forget that Quest has taken over Netpro - but has this really changed the scope or focus of TEC? Not at all, as was very immediately visible from the start, with a very funny introductory video. It started off just like a very glitzy marketing presentation that turned quickly into a hyperbole of fuzzy marketing buzzwords...

Workshop

May 05, 2009: Information Card Foundation (German Chapter) Meeting

Vendor Report

Vendor Report: Econet

Die econet AG ist ein in München ansässiges Unternehmen, das 1994 gegründet wurde. Der Fokus des in Privatbesitz befindlichen Unternehmens liegt auf der Unterstützung von IT-Geschäftsprozessen und IT-Diensten. Der Ansatz zielt auf die Verbindung von Identity Management und Service Management und eine Unterstützung von GRC-Anforderungen ab. Spezifische Stärken liegen in der Risikoanalyse und im Risikomanagement, in Integration mit dem Lösungsportfolio des Unternehmens. Econet zählt mit seinem Ansatz zu den interessanten und innovativen Anbietern...

Product Report

Product Report: Siemens DirX Access

Siemens hat auf einer zugekauften und signifikant weiterentwickelten Technologiebasis den Einstieg in den Markt für Web Access Management und Identity Federation erfolgreich bewältigt. Mit der Version 8.1 von Siemens DirX Access wird eine technisch ausgereifte Lösung mit einem flexiblen, modularen Architekturkonzept angeboten. Siemens DirX Access 8.1 deckt alle Standardanforderungen an Lösungen in diesem Segment ab und geht insbesondere in der Federation-Unterstützung, bei der Sicherheit für Web Services und bei den Möglichkeiten der Anwendungsintegration...

Product Report

Product Report: Engiweb IDEAS

Engiweb is one of the European vendors in the IAM and GRC space, based in Italy. The company is owned by Engineering Ingegneria Informatica, the largest system integrator in Italy with operations as well in some other countries. Engiweb is a one-product company, entirely focusing on their platform IDEAS which is focused around role management, authorization management, and other features. The product is, in the Kuppinger Cole notion, best positioned as part of the market segment of Identity/Access-oriented GRC platforms. Engiweb is, from our perspective, one of the European vendors of...

Vendor Report

Vendor Report: IBM’s IAM and GRC offerings

IBM is amongst the vendors which have entered the IAM market early. Right now, IBM can deliver in most areas of the IAM market, with only few missing elements in their overall portfolio. In the GRC market, the current focus of IBM is more towards SIEM-related GRC issues and log analysis, whilst IBM offers no specific platform for IAM-GRC. Anyhow, we expect IBM to be able to provide solutions through partnerships if required. Besides this, the approach chosen by IBM positions the company pretty well for the emerging trend towards GRC platforms which support any aspect of GRC require-ments...

Blog

There are many facets of Privileged Account Management

The PAM/PIM/PUM (Privileged Account/Identity/User Management; I prefer PAM) market is one of the boom markets in IT. I've blogged about that recently (here and here). And I've talked with many vendors in that market segment about what they are currently delivering and about what they have in mind for the future. These briefings and the ongoing analysis on PAM proves my thesis that it is still a relatively immature market (not saying that all the products are immature - there are some really good tools out there...). The PAM market currently is in the typical situation of all emerging...

Blog

Cloud Computing – just a hype or change of paradigm?

In a webinar on Thursday I’ll talk about the hype and reality of Cloud Computing. It is interesting to observe that Cloud Computing made it beyond the IT magazines and into the business/economic publications. But the promises you find there (at least in German publications) are probably somewhat overhyped. From my perspective, there are some things to note: Cloud Computing is, in many areas, built on existing approaches – anyhow, there are many new aspects in it Cloud Computing will change the IT landscape of organizations fundamentally Cloud Computing will provide new business...

Blog

The Cloud

One of the key IT topics is the “cloud”. This term which is somewhat “cloudy” is definitely relevant. But, like most new trends, it isn’t really new. Many services within the cloud are here for many years. Look at salesforce.com, to name just one example. Or have a look at web hosting. Some things have been called “outsourcing” before. For sure the approach of the cloud goes well beyond classical outsourcing. But there are many lessons which can be learned for example from outsourcing: Clearly defined SLAs, defining the location where services are provided from to comply with...

Blog

Innovations in the world of LDAP

I've recently been to Sun's directory labs in the the beautiful city of Grenoble, France to talk about what Sun has in store with their two directory servers: DSEE and OpenDS. I've used many predecessors of DSEE (starting with the good old Netscape Directory Server) on several projects over the last decade and used to know it inside out. I've grown quite fond of it, and so has everybody else I know who has used the product. I wasn't exactly sure why Sun embarked on its OpenDS project. Why reinvent from scratch what is already a perfectly great product? This question was on my mind, and I...

Webcast

Wer war Root? Was Sie über Privileged Account Management (PAM) wissen sollten

Kuppinger Cole Webinar recording

Webinar

Mar 26, 2009: Cloud Computing – Opportunities & Risk

Besides having been around as a buzzword for quite some time now, current economic challenges seem to strongly increase interest in leveraging cloud computing for the enterprise, finding new competitive advantages, and of course reducing investments into internal infrastructures. In this webinar, Martin Kuppinger will discuss with you Kuppinger Cole´s "Roadmap to the Cloud" - a guideline on how to prepare for cloudsourcing initiatives.

Congress

May 04 - 07, 2010: CLOUD 2010

Kuppinger Cole are proud to announce the Cloud Computing Flagship Event for Europe: CLOUD 2010. Making Cloud Computing work for your enterprise, how to prepare for it and what the risks involved with a cloud strategy are - Join us in Munich for an exciting event beyond the hype.

Congress

May 04 - 07, 2010: European Identity Conference 2010

With its world class list of speakers, a unique mix of best practices presentations, panel discussions, thought leadership statements and analyst views, EIC has become an absolute must-attend event for enterprise IT leaders from all over Europe.

Blog

Deep dive into unknown depth (of PKI and HyperV technology)

Recently, we announced that a report on strong authentication with tokens would be released. The response to that was tremendous - from either side of the market. Some (customer) companies pre-registered to get it, some vendors called back to make sure their products were included, and guess what: NOT all of them were included. This led to two things: me going back to square one and getting briefings with all "new" vendors" and rewriting some portion of the report as well as me tinking: "if I do not know these vendors try to get into the market - how should the market (aka customers)...

Blog

Dynamic authorization management

Authorization management is becoming increasingly popular. But there are, in fact, two very different approaches: Static authorization management, where changes are provisioned to the target systems. Dynamic authorization management, where authorization decisions are externalized to authorization engines at runtime. The latter require changes to the applications, but they lead to the externalization of authentication and authorization (and hopefully as well auditing) from applications. Everything can be easily managed from outside of the applications. Whilst static authorization...

Press Release

Terminblocker: European Identity Conference 2009

Vom 5. bis 8. Mai 2009 findet in München die European Identity Conference (EIC) 2009 statt. Im Rahmen der Jahresveranstaltung von Kuppinger Cole, die in diesem Jahr zum dritten Mal durchgeführt wird, treffen sich Analysten und Vordenker der Branche mit IT-Experten und -Entscheidern, um die neuesten Trends kennenzulernen und den Markt rund um Identity Management, Governance, Risk Management und Compliance (GRC) und Cloud Computing zu diskutieren und zu formen. Mit einer Liste hochkarätiger Sprecher und einem einzigartigen Mix aus Best Practice Präsentationen,...

Press Release

Save the date: European Identity Conference 2009

The European Identity Conference 2009 (EIC) will take place from May 5-8, 2009, in Munich. Now in its third year, Kuppinger Cole´s flagship event is the place to meet with thought leaders, experts and decision makers to learn about, discuss and shape the market in most significant technology topics such as Identity Management, Governance, Risk Management and Compliance (GRC) and Cloud Computing. With its world class list of speakers, a unique mix of best practice presentations, panel discussions, thought leadership statements and analyst views, EIC has become an absolute must-attend...

Blog

Privileged Account Management

Over the course of the last few months, PAM (Privileged Account Management), also called PIM (Privileged Identity Management) or PUM (Privileged User Management) became increasingly popular. The main driving force behind this increase in popularity are the auditors, which more frequently look at the state of privileged accounts and, in many cases, detect and criticize shortcomings in that area. Privileged accounts include administrative accounts (UNIX/Linux root accounts, Windows administrators), system accounts, service accounts, and technical users. It is important not to limit the scope...

Webcast

Fraud Prevention and Multi-factor Authentication

Kuppinger Cole Webinar recording

Webcast

Getting Attestation Right - Improving Audit Performance, Lowering Costs

Kuppinger Cole Webinar recording

Blog

The cloud becomes popular

At this year's CeBIT trade show in Hannover, Germany, cloud computing is the hot topic. That is no surprise to me, given that cloud computing is the trend within IT. Cloud computing is still fundamentally changing IT. In fact, cloud computing isn't really new. Services in the internet are out there for many years. You just have to look at vendors like salesforce.com and others which have their roots in the pre-year-2000 internet bubble. What really changes are three other aspects: There is a more consistent view on cloud computing - and vendors are filling the gaps in the cloud...

Vendor Report

Vendor Report: Oracle

Oracle has, largely through making acquisitions, transformed itself over the past few years into one of the leading suppliers in the IAM (Identity and Access Management) and GRC (Governance, Risk Management, Compliance) areas. Within these IT market segments, the Company is now in a position to deliver solutions covering the majority of requirements and it maintains one of the broadest service portfolios of all suppliers, even if there continue to be sporadic gaps. This situation does however create challenges in relation to the integration requirement. Many of the acquired products...

Blog

The need for a holistic approach to IAM, GRC, DLP, PAM, and IRM

IT is very well-known for first its ability to create three-letter acronyms and second the mix-up of different marketing terms, leading to overlapping and sometimes pretty unclear market segments. Besides, many vendors try to convince people that their (and only their) solution is sort of the holy grail for all problems. This situation becomes very obvious when you look at technologies like IAM, GRC, DLP, PAM, and IRM. These are tightly linked together – and none of these approaches solves all your problems. Thus, it requires an integrated strategy and approach to really address your...

Blog

Novell acquires again

Novell recently announced two “acquisitions”. In fact these aren’t really acquisitions in the sense of Novell buying entire companies but the result is pretty the same. Novell, in one case, signed a perpetual source code license for Enterprise Single Sign-On with ActivIdentity. Novell’s solution SecureLogin is based on the ActivIdentity product. With the new deal, Novell not only OEMs a product but owns the source code and is able to forge the development. Thus, Novell can move faster and in exactly the direction which is relevant to Novell, for example with tighter integration into...

Blog

Getting Attestation Right

In a webinar this Thursay (March 5th) I'll talk about my thoughts about attestation, with focus on approaches that as well provide quick wins as are valid from a long-term perspective. What I currently observe is that attestation is sold as sort of panacea for all GRC issues. What is true is that attestation is important. But some approaches might only provide a positive feeling without much real impact. I frequently miss the support of multi-layered attestation which really covers all levels of IT security. I also frequently wonder about what happens after attestation. It is fine to do...

Webcast

Risk Management Trends

Kuppinger Cole Webinar recording

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]