News Archive


Stronger and simpler authentication

I've seen many approaches for strong authentication - most of them are either too expensive, too complicated, or they aren't really appealing. The latter is true for approaches like "passfaces" have to pick one or some known faces from different pictures. Many approaches are complicated to deliver. And many of the token-based approaches are complex from a logistics perspective and are expensive. However, many of these approaches and especially combinations of for example hardware tokens and soft-tokens will work for many use cases. But there are other approaches which are interesting as...


The flowering of the identity store

The Personal Data Eco-System (diagram by Iain Henderson and Drummond Reed) Another reason I really love Twitter: It takes you places you might never have found on your own. Take a recent post by xmlgrrl, a.k.a. Eve Maler of Sun Microsystems, a terse pointer to a posting by Iain Henderson of Mydex on entitled "The Personal Data Eco-System" which provides by far the best theoretical overview that I, at least, have seen on the true nature and function of personal data. The text is an abstract of a session Ian and his pal Drummond Reed of Concordance, who is also a trustee...


Saving with security

This is true in many areas. Single solutions popularly labeled and sold under the name “Data Leakage Protection/Prevention” are mostly just conscience salvers. They may deal with a certain concern, but don’t solve the overall security problem. In fact most of them leave gaping holes. Most of the issues addressed by DLP products can be resolved through group policy rules in Windows. Central management through true Endpoint Security/Protection solutions are by far the best way to handle your company’s wide range of client security issues. Another area in which poor...


Get the Big Picture - Managing Access beyond SAP for Cross-Enterprise Identity Governance

Kuppinger Cole Webinar recording


Pricing models for the cloud

Even while I don't share his understanding of the term "private cloud" (I don't believe in that term) , I like what Chuck Hollis of EMC has blogged about "Monetizing the cloud". There are so many open questions around the valid business models for as well cloud providers as consumers for cloud services. And everyone will have to learn a lot - and learning from others might help to avoid mistakes. By the way I also wouldn't limit the cloud discussion to "providing infrastructure" - it goes well beyond that and covers virtually any type of IT service. There will room to discuss thinks like...


Why is IBM TIM 5.1 just a minor release?

IBM yesterday has announced its Tivoli Identity Manager 5.1. If you read the list of new features you might end up with the same question like me: Why is it only version 5.1, e.g. a minor (.1) release instead of TIM 6? Amongst the new features are fundamental things like Role Management, SoD support, attestation and, last not least, support for some Privileged Account Management (or Privileged Identity Management, the term IBM is using). With other words: IBM has significantly expanded the feature set of its product, mainly adding a lot of IAM-GRC features to what TIM delivers. Given that...


Jul 22, 2009: Externalizing Identity into the Cloud

Externalizing Identities from applications into a service oriented layer within the enterprise IT architecture has been discussed a lot within the last years, mainly in the light of reducing application development costs and to devolve all those identity silos captured in enterprise applications. With cloud computing and *aaS picking up momentum, the externalization of identity management into such a service layer finally seems to be rewarded with enough attention to move far up on many CIO´s priority lists. Join this free webinar moderated by Dave Kearns to learn more about the different...


Parallels wants to bring SaaS to the masses

Just got back from my favorite neighborhood watering hole in Munich, the Cafe Wienerplatz, where I met with Soeren von Varchmin, who recently moved in next door after spending a few years in Seattle. Soeren is VP SaaS at Parallels, a company that describes itself as "worldwide leader in virtualization and automation software that optimizes computing for consumers, businesses and providers". His job is to bring together Internet Providers and Services Providers (ISVs) by providing a common plattform to provision, manage and integrate applications and services over the Internet. His vision...


It's not about the cloud - it's about Cloud IT

The biggest problem around cloud computing is the lack of a valid and well accepted definition. Definitions like "scalable services delivered via the internet" fail for example when thinking about "private clouds" which aren't used via the internet (but at least based on using the same standards). And, by the way, not every cloud service will have to be highly scalable - there will be more and more very specialized services where functionality is key, not a massive scalability. But the more you dive into the topic of cloud computing it becomes obvious that this cloudy thing of "cloud"...


Messbare Vorteile für Sicherheit und Kosten durch Single Sign-On mit starker Authentifizierung

Kuppinger Cole Webinar recording


Hooray, LDAPcon 2009 is coming up!

I was delighted when I saw that LDAPcon is happening again this year. I went to the first event in Cologne, Germany 2007, and was very impressed. When you have the "creme de la creme" from the LDAP community talking about their favourite topic, you're guaranteed an interesting and exhiliarating time - assuming that LDAP and directories are your thing. I still remember last time how Howard Chu gave us a musical demonstration of how a well-performing directory should perform - on the violin! I don't think anybody forgot that. We also got a very good overview of the different open source...


UnboundID launches frontal attack on Sun - good idea??

I recently received a press release from UnboundID announcing the availability of a new "synchronization server". This software keeps two LDAP servers in sync (as the name suggests) - bidirectionally. In theory very useful, and it's free too. But there's a small trick: the synchronization server supports both Sun's DSEE (Directory Server Enterprise Edition) and the new Unbound ID Directory Server. In the release, Unbound ID makes no secret of what this software should be used for: to migrate away from Sun's directory toward Unbound ID's competing solution. UnboundID is a start-up based out...


Jun 25, 2009: Get the Big Picture – Managing Access beyond SAP for Cross-Enterprise Identity Governance

In this free webinar, you’ll learn how an integrated identity governance approach can more effectively improve your risk posture with enterprise-wide policy enforcement, access certifications and role management across all relevant systems. By having a single view into user access rights, you will greatly improve your visibility into risky or non-compliant areas and automate your processes for managing these risks.


Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected


AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]