News Archive

Webinar

Oct 13, 2009: The Role of Entitlement Management in Governance, Risk and Compliance Management

Modern IT infrastructures empower their users and thereby introduce new risks. The effectiveness and efficiency of control frameworks and GRC programs are therefore becoming an increasingly important focus area for IT and business managers alike. Yet, GRC initiatives tend to be reactive, striving to optimize monitoring, surveillance and auditing capabilities and the GRC overhead keeps growing. Instead we need risk-intelligence built into our IT-infrastructures. This is what Entitlement Management helps achieve. Entitlement Management provides real-time enforcement of policy-based access...

Webinar

Sep 29, 2009: Beyond Role Based Access Control - the ABAC Approach

In this webinar we discuss the original ideas behind RBAC and why large RBAC projects often lead to role explosion problems and therefore fail in their initial ambitions. We also introduce the concept of Attribute Based Access Control (ABAC) which overcomes some of the well-known problems with RBAC and enables a fine-grained and contextual (adaptive) access control. ABAC meets the requirements of modern IT-infrastructures where dynamically changing needs must be captured and dealt with in real-time. This Webinar is supported by Axiomatics.

Webinar

Oct 23, 2009: Ein Passwort für alles - Enterprise Single Sign-on

Es gibt kaum einen Anwender, der nicht schon einmal sein Passwort vergessen hat und das Helpdesk mit einem Passwort Reset beschäftigen musste. Die Arbeit des Helpdesk nimmt exponentiell zu, wenn die Anwender sich mehrere unterschiedliche Passwörter für unterschiedliche Anwendungen merken müssen, die auch noch mit unterschiedlichen Intervallen geändert werden müssen. Projekte, die sich der Vereinfachung der Authentifizierungsprozesse annehmen, sind deshalb im Unternehmen sehr sichtbar, und ein RoI lässt sich in aller Regel bereits durch die verringerten Helpdesk-Lasten schlüssig nachweisen....

Webinar

Oct 09, 2009: Sicherheit mit automatisiertem Provisioning

Nicht nur in grossen Unternehmen ist die Benutzerverwaltung durch ständige Änderungen und Ergänzungen eine ressourcenzehrende Herausforderung. Auch wenn die Prozesse für die Provisionierung von Benutzerkonten in den unterschiedlichen Anwendungen sauber definiert sind - manuelles Arbeiten birgt enorme Sicherheitsrisiken beispielsweise in Form verwaister Benutzerkonten. In diesem Webinar sprechen wir über die Möglichkeiten, diese Sicherheitsrisiken durch automatisiertes Provisioning zu minimieren.

Webinar

Sep 17, 2009: Minimizing Business Risks through Enterprise Single Sign-on

Receiving approval for project budgets has been difficult in these days, especially if there isn´t a very visible and almost immediate return on investment. Simplifying the way how users login to the applications they need for their daily business is an area, where plenty of low hanging fruits provide such immediate RoI i.e. through the reduction of password reset helpdesk calls. In this webinar, Joe Skocich from IBM and Martin Kuppinger talk about commonly overlooked considerations when evaluating SSO solutions, and how to short term tactical RoI considerations with long term business risk...

Webcast

Vereinfachung der Berechtigungsanalyse und -Verwaltung

Kuppinger Cole Webinar recording

Blog

Quick Wins in Identity Management

In times of economic downturn, the pressure is on to save costs and increase efficiency. Everybody working in the IT sector will be familiar with projects being put on hold, spending frozen, colleagues being laid off. Unsurprisingly, most of those left working in IT departments see their workload and working hours increased, as they are being asked to deliver more with less resources. These are the typical signs of a dire economy, that may or may not be starting to turn around slowly: but those particular problems are not going away any time soon. With the current squeeze on cost and...

Blog

Novell takes off into the Cloud

Novell has very recently announced a new product entitled "Cloud Security Services" - a comprehensive set of software that allows cloud providers to connect customers to their infrastructure in a safe and efficient way. This product is the first one that is not marketed to enterprises - instead it is sold to cloud service providers, who will license it for their customers. Cloud computing is generating much interest. A recent statistic by Google has shown that hits for the phrase "cloud computing" are growing steadily. Why? In search for productivity and efficiency, enterprises...

Advisory Note

Overview Report: SAP Security – Getting the Whole Picture

SAP Security is a wide field. Most SAP Technology Experts think that SAP Security is all about authorizations, user management, roles, profiles and all that highly complicated stuff. But it is like with protecting a house: if you only look at who has which keys for the doors, but forget to close the windows, then your security might be pretty weak. Therefore, it is important to get "the whole picture" about SAP security. Consequently, in this report we highlight all the relevant technical and organizational activities that you should think about when you care about the security...

Vendor Report

Cloud Vendor Report: Citrix

Citrix Systems (Citrix) is an established IT vendor which started with Terminal Server products in Windows environments, allowing users to access sessions which are running on a Windows Server remotely. Based on the success of these market-leading technology, Citrix has consequently expanded its portfolio over the course of the years to address as well more complex virtualization and “application delivery” issues as well as to enter the emerging Cloud Computing market. In the latter market, Citrix acts as a virtualization and management infrastructure vendor as well as an...

Product Report

Product Report: Siemens DirX Identity 8.1

Siemens hat sich mit der seit 2007 verfügbaren Version 8.0 von DirX Identity als einer der technisch führenden Anbieter im Bereich des Enterprise Provisioning etablieren können. Mit der seit August 2009 erhältlichen Version 8.1 hat Siemens die Funktionalität wiederum erheblich erweitert. Das Pro-dukt zählt zu den technisch marktführenden Lösungen. Zudem hat Siemens für den Bereich seiner Sicherheitslösungen inzwischen wieder eine klare und sinnvolle organisatorische Struktur geschaffen, nachdem es im Rahmen der Umstrukturierung des...

Blog

Social OX - changing the way we work with social networks

Open-Xchange, a provider of open source messaging and groupware, has announced its concept of Social OX, OX standing for Open Xchange and the concept of a "personal information hub". The idea is to provide an approach where someone can maintain its "contacts" centrally and exchange that information with social networks like LinkedIn, Plaxo, Xing, FaceBook, MySpace, and others. The idea is to consolidate, manage, and re-use personal and social network data. The concept supports publishing data to others and consuming shared data. In effect, that information will become exchangeable, in...

Webcast

Zugriffsmanagement richtig gemacht

Kuppinger Cole Webinar recording

Seminar

Sep 22, 2009: Governance, Risk und Compliance – mehr als nur Regeln

Zuverlässigkeit ist das wichtigste Merkmal einer guten Identitäts- und Sicherheitsmanagementlösung. Mit der schriftlichen Niederlegung der Management- und Sicherheitsverfahren allein ist es aber nicht getan – Sie müssen die Gewissheit haben, dass Sie mit der gewählten Lösung auch alle Richtlinien und Vorschriften erfüllen, umsetzen und kontrollieren können. Das Ziel heißt „Making IT Work As One!“

Blog

Is PAM (or PIM or PUM) moving into Provisioning?

These days I have been talking with Siemens on enhancements for their DirX Identity product, a provisioning tool (and, by the way, a pretty good one). Amongst the new features is some support for Privileged Account Management (PAM). That’s interesting. I’ve blogged some time ago about the possibility of provisioning vendors starting to acquire PAM vendors and adding these capabilities to their provisioning products. Siemens didn’t acquire but implemented some own technology. They mainly focus on providing one-time passwords for the use of privileged accounts and re-setting these...

Webinar

Sep 18, 2009: Sicherheitsrichtlinien zuverlässig durchsetzen

Auf dem Papier ist es in der Regel gar nicht so schwierig, durch entsprechende Richtlinien einen zufriedenstellenden Grad an Sicherheit zu erreichen. Jedoch zehren in der Praxis fehlende Ressourcen, enge Budgets und nicht zuletzt die immer komplexer werdende Infrastruktur an einer effizienten Um- und Durchsetzung dieser Richtlinien. In diesem Webinar beschreiben wir Ihnen in Zusammenarbeit mit Novell, welche Ansätze für eine automatisierte Überwachung der Sicherheit von IT-Systemen am Markt existieren und worauf Sie bei der Einführung achten müssen.

Blog

Identity – Last Man Standing?

Somehow the Hofbraeukeller in Munich, one of my favorite city’s nicest beer garden restaurants, seems to lend itself particularly well to long, meandering discussions of identity management. It’s the place the U.S. participants at the European Identity Conference regularly gather for their pre-conference pigs’ feet feast, and since it’s conveniently located around the corner from where I live, I often use it as a meeting place for visitors from all over the world. I mean, if you’re in Bavaria, by all means go to a Bavarian place for lunch instead of one of the ubiquitous sushi stalls. I...

Blog

Is PAM (or PIM or PUM) moving into Provisioning?

These days I have been talking with Siemens on enhancements for their DirX Identity product, a provisioning tool (and, by the way, a pretty good one). Amongst the new features is some support for Privileged Account Management (PAM). That's interesting. I've blogged some time ago about the possibility of provisioning vendors starting to acquire PAM vendors and adding these capabilities to their provisioning products. Siemens didn't acquire but implemented some own technology. They mainly focus on providing one-time passwords for the use of privileged accounts and re-setting these passwords...

Press Release

Analystengruppe Kuppinger Cole nimmt sich dem Cloud-Chaos an

Die Analystengruppe Kuppinger Cole hat einen aktualisierten Market Report zum Thema Cloud Computing veröffentlicht.
Cloud Computing ist die nächste grundlegende Evolutionsstufe der IT und weit mehr als ein Hype. Cloud Computing führt zu einer flexiblen, skalierbaren IT, bei der Services sowohl intern bereitgestellt als auch extern bezogen werden können, ganz nach Bedarf und Rahmenbedingungen.

Blog

Licensing for the cloud - the Skype case

These days, there were several articles in different media stating that eBay might discard its Skype service. The reason is that they haven't acquired the underlying P2P core technology. This is still owned by Joltid. And Joltid plans to terminate that license agreement. One doesn't need to be a prophet to guess that the real reason behind that situation is about money... However, eBay definitely is in a difficult situation. They might find a deal with Joltid. They might discard the Skype service with its 16 million users - which probably won't be that lucky about. They might develop an...

Blog

Microsoft: minimum disclosure about minimum disclosure

A good year ago, Microsoft acquired an innovative company called U-Prove. That company, founded by visionary Stephan Brandt, had come up with a privacy-enabling technology that effectively allows users to safely transmit the minimum required information about themselves when required to - and for those receiving the information, a proof that the information is valid. For example: if a country issued a digital identification card, and a service provider would need to check whether the holder over 18 years of age, the technology would allow to do just that - instead of having to transmit a...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]