News Archive

Blog

Choosing the Right Cloud

Adopting Cloud computing can save money, but it is important to choose the right Cloud solution for your business need. KuppingerCole have produced a Scenario Report – Understanding Cloud Computing to help you make the right choice. The Cloud provides an alternative way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost.  It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. The Cloud is not one thing; it covers a wide spectrum of types of service and...

Training

Jul 10, 2012: Enterprise Role Management Done Right: How to Successfully Implement Role Management – if you need it

Enterprise Role Management still is a key topic when it comes to efficiently manage large groups of users. The art of clearly defining projects for role discovery and implementation, architecture model development and lifecycle maintenance with regards to scope and resources is your most important takeaway from this training.

Blog

Back to the (digital) future

My colleague Martin Kuppinger recently published “Intention and Attention – how Life Management Platforms can improve Marketing”, which discussed the role of Life Management Platforms (see Advisory Note: Life Management Platforms: Control and Privacy for Personal Data) within the “Intention Economy” (the subject of Doc Searls new book). In chatting with Martin about this we also brought up our other colleague, Craig Burton’s ideas on the Open API Economy. This all reminded me of a presentation I’d done back in the fall of 2000 for a barnstorming tour on behalf of Business Layers, the...

Blog

Smart Data: The better Big Data – using the Open API Economy concepts to better deal with your data

IT vendors these days are making a lot of noise about “Big Data”. That comes as no surprise, since Big Data allows selling masses of expensive hardware, software, and services. But does it really make that much sense for the customer? The sales pitch for Big Data is that companies can better do business based on that approach. They can do better marketing based on analyzing more data about their customers. They might provide better security services on analyzing more data. They might need it to deal with machine-generated data in the connected vehicle. However: better marketing is not...

Blog

Is API Growth in a Stall?

Intro Last year when we published the API Economy document, we showed the growth rate of APIs over time. Examining the numbers from the same source — the ProgrammableWeb — in 2012 it appears as if the hockey stick growth of over 100% each year is starting to slow down. What is really happening? The numbers Figure 1 shows the original numbers we published in the Open API Economy report. It shows a compound annual growth rate of roughly 100% each year starting in 2005. The source of the numbers is the ProgrammableWeb. Figure 1: 100% Annual Growth Rate. Source: The ProgrammableWeb Figure 2...

Blog

The Future of IT Organizations – why IT needs a marketing department

Some weeks ago we published a report called “The Future of IT Organizations“. This report talks about how to restructure IT Organizations, following the basic structure we propose for IT in the KuppingerCole IT Paradigm. That paradigm is first described in the KuppingerCole Scenario “Understanding IT Service and Security Management”. From our perspective, IT organizations have to change fundamentally in order to redefine the way we do IT to better deal with challenges like Cloud Computing. When looking at the future of IT, there is one area which I find particularly interesting. Some of...

Webcast

EIC 2012 Session: Database Firewalls - Advancing Security for Enterprise Data

Martin Kuppinger, KuppingerCole
Dr. Steve Moyle, Oracle
Sebastian Rohr, KuppingerCole

April 19, 2012 16:30

Webcast

EIC 2012 Session: Exchanging Metadata through Different Federations on a Global Scale

Nicole Harris, Head of Identity Management, JISC Advance

April 19, 2012 15:40

Webcast

EIC 2012 Session: Federation or Synchronization – the Future of the Cloud

Andrew Nash, Google
Darran Rolls, SailPoint
Travis Spencer, Ping Identity

April 19, 2012 15:20

Webcast

EIC 2012 Session: What Federation is About – in Theory and in Practice

Dave Kearns, KuppingerCole

April 19, 2012 15:00

Webcast

EIC 2012 Session: Security for Virtualized Environments, Privileged Users and PCI Compliance

Guy Balzam, CA Technologies
Stephan Bohnengel, VMware
Giovanni Ciminari, Telecom Italia

April 19, 2012 14:30

Webcast

EIC 2012 Session: From Virtualization to the Cloud and Beyond

Craig Burton, KuppingerCole
Martin Kuppinger, KuppingerCole

April 19, 2012 14:00

Blog

Intention and Attention – how Life Management Platforms can improve Marketing

Life Management Platforms will be among the biggest things in IT within the next ten years. They are different from “Personal Data Stores” in the sense of adding what we call “apps” to the data stores and being able to work with different personal data stores. So they allow to securely working with personal data by using such apps which consume but not unveil that data – in contrast to a data store which just could provide or allow access to personal data. They thus are more active and will allow every one of us to deal with his personal data while enforcing privacy and security. Regarding...

Blog

IIW and VRM Report

At the first of the month I attended IIW 14 in Mountain View. I also attended the VRM workshop on the 30th. The VRM workshop was hosted by Ericsson. The IIW was held at the Computer History Museum. Before I summarize what happened at those events, I want to give a little background on IIW. IIW IIW uses a format referred to as an “unconference.” The main purpose of an unconference is to avoid the traditional design of a conference. A way I have heard it described is the format developed by Harrison Owen. Legend has it that Owen noticed that during a conference, most of the real activity and...

Webcast

EIC 2012 Session: The Kuppingercole IT Model and the API Economy

Craig Burton, KuppingerCole
Kim Cameron, Microsoft
Martin Kuppinger, KuppingerCole
Fulup Ar Foll, KuppingerCole
Dr. Steven Willmott, 3Scale

April 19, 2012 11:30

Webcast

EIC 2012 Session: VRM and the Intention Economy - Now What?

Craig Burton, KuppingerCole
Scott David, K&L Gates LLP
Marcel van Galen, Qiy
Drummond Reed, Connect.Me
Doc Searls, Berkman Center for Internet and Society
Phil Windley, Kynetx

April 19, 2012 10:30

Webcast

EIC 2012 Session: IT Strategies and Information Security in Banks - The Regulator´s View

Dr. Markus Held, Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin)
April 18, 2012 11:30

Blog

Entitlement Management – has it really been an academic exercise?

Recently I read a blog post from my appreciated and well known analyst colleague Kevin Kampman at Gartner Group talking about entitlement management. That post had some points which made me wonder. I’ll pick some of the quotes: “One of access control’s biggest challenges is that it has often been an academic exercise. Maybe we can move the discussion forward by thinking about what is needed, not just what is possible.”  “For any object, a set of conditions should be met to provide access such as time, attribute, role, etc. it seems we need a more flexible way to characterize all of the...

Webcast

EIC 2012 Session: Access Governance Case Study - Friends Life Realizes Quick Time To Value

Julia Bernal, Group Business Security & Data Protection Manager, Friends Life
April 18, 2012 17:30

Webcast

EIC 2012 Session: Identity & Access Management as a Key Element for a Value focused Security Strategy

Ralf Knöringer, Atos IT Solutions and Services GmbH
Hassan Maad, Evidian
Shirief Nosseir, CA Technologies
Christian Patrascu, Oracle
Peter Weierich, iC Consult GmbH

April 18, 2012 17:00

Webcast

EIC 2012 Session: How to successfully get business to participate in IAM and Access Governance

Dr. Martin Kuhlmann, Omada
Edwin van der Wal, Everett

April 18, 2012 15:30

Webcast

EIC 2012 Session: Delivering Actionable Recommendations to Senior Management based on a Structured Risk Identification and Evaluation Process

Dr. Waldemar Grudzien, Association of German Banks
Berthold Kerl, Deutsche Bank AG
Prof. Dr. Sachar Paulus, KuppingerCole

April 18, 2012 15:00

Webcast

EIC 2012 Session: Munich Re’s Identity & Access Management - Experience Report and Best Practices

Wolfgang Zwerch, MunichRe
April 18, 2012 14:30

Webcast

EIC 2012 Session: IAM Governance in the New Commerzbank

Dirk Venzke, Director, Commerzbank AG
April 18, 2012 14:00

Webcast

EIC 2012 Session: How to Address Regulatory Needs Fast and Lean

Dr. Waldemar Grudzien, Association of German Banks
Dirk Venzke, Commerzbank AG
Dr. Horst Walther, Kuppinger Cole
Wolfgang Zwerch, MunichRe

April 18, 2012 12:00

Webcast

EIC 2012 Session: Facing the Online Threats against Retail and Banking Customers - What are the Future Perspectives?

Prof. Dr. Sachar Paulus, Senior Analyst, KuppingerCole
April 18, 2012 11:00

Webcast

EIC 2012 Session: Cyber Crime, Cloud, Social Media... - IS Threats for Banks are Constantly Increasing. What Should We Be Doing?

Berthold Kerl, Deutsche Bank AG
April 18, 2012 10:30

Blog

Preventing, or surviving, data leaks

Just last week it was reported in The Guardian that “Computer hackers have managed to breach some of the top secret systems within the [UK] Ministry of Defence.” If the department charged with protecting the country can’t protect its own secrets then what chance does your organization have? This is just the latest (at the time I’m writing this) in a seemingly ever escalating number of security breaches, data thefts and data losses. So much so, in fact, that Data Loss Prevention (DLP – also called Data Leak Prevention) is the fastest growing segment of the Security, Identity and Access...

Press Release

Analystenhaus KuppingerCole liefert Unterstützung für die Migration von „Legacy Identity Provisioning“

Düsseldorf, 09. Mai 2012  - Mit dem Report Migration Options and Guidelines for Oracle Waveset ergänzt das Analystenunternehmen KuppingerCole den bereits vor einigen Tagen veröffentlichten Report Migration Options for your Legacy Provisioning . Der Report Migration Options for your Legacy Provisioning liefert im Überblick die wichtigsten Handlungsempfehlungen für Unternehmen, die sich vor der Herausforderung sehen, ihre bestehenden Identity Provisioning-Lösungen zu ersetzen.

Advisory Note

Advisory Note: Dealing with privacy risks in mobile environments - 70224

The ongoing trend of IT consumerization and deperimeterization has a profound effect on modern society. Mobile devices are becoming increasingly sophisticated and their numbers are growing exponentially. Social networking has made sharing information all too easy and controlling its spread nearly impossible. Growing adoption of cloud-based services, while having obvious advantages, means that more and more sensitive information is now stored and managed by third parties, and users are no longer in direct control over it. Combined with the inconsistency and largely reactive nature of...

Blog

Dynamic Authorization Management Best Practices

Due to a last minute speaker change I had to prepare a short presentation on „Dynamic Authorization Management – Best Practices from our Advisory“ for EIC 2012. When we found a replacement for the speaker, I didn’t give that presentation. However I will do a webinar on that soon and I want to provide some of the content here, as sort of an appetizer. Dynamic Authorization Management is about dynamically deciding to approve or not authorization requests provided by services (like applications) based on policies and attributes (roles, application used, context, whatever,…). It includes...

Advisory Note

Business Report: Key Risk/Performance Indicators IAM and GRC - 70204

The concept of Key Performance Indicators is well established at the corporate level, using scorecards as a tool for providing a quick overview on the progress of organizations towards their goals. Key Risk Indicators add risk metrics to that view, relating the progress of indicators to changes in risks. The report provides selected Key Risk Indicators (KRI) for the area of IAM and GRC. These indicators are easy to measure and provide a quick overview of the risk status and its changes for organizations. The indicators can be combined into a risk scorecard which then can be continuously...

Blog

Bring Your Own Identity? Yes. And No.

Recently I read a blog post  by Nick Crown, Director of Product Marketing at UnboundID. He talked about “Bring Your Own Identity” which he thinks is more groundbreaking and disruptive than BYOD (Bring Your Own Device). I would say yes, there is a value in BYOI, but: -          this is definitely not as groundbreaking and disruptive as BYOD -          this is only a small piece in a much larger puzzle and it definitely will not end with a two-tiered identity infrastructure as proposed in Nick Crown’s blog post -          there’s definitely no need to introduce yet another marketing...

Advisory Note

Advisory Note: Migration Options and Guidelines for Oracle Waveset - 70610

This document extends the Advisory Note #70,607 “Migration Options for your Legacy Provisioning” and focuses on Oracle's Waveset Identity Provisioning system which is also historically known as Sun Identity Management/Manager or, in short, SIM, which before the acquisition of Waveset by Sun was named Waveset Lighthouse. The product will usually be called Waveset IDM (Identity Management) throughout this report, using Sun Identity Management or Waveset Lighthouse only when it is relevant to differentiate between historical releases. Identity provisioning systems are systems...

Blog

The digital divide in Identity Management

My dear friend Mia Harbitz of the Interamerican Development Bank (www.iadb.org) has recently linked me to of what I felt to be one of the most important papers on “Identity Management” since I work in this field. The paper does not analyze the pros and cons of doing bottom-up or top-down role design, nor does it dive into the depths of Access Governance and streamlining reconciliation efforts in your organization. It investigates what any of you claim (and probably experienced yourself) to be a birth-right: your own personal identity! We all know the fuzz around Google+ and the headache it...

Webcast

EIC 2012 Keynote: Interview - What are the Privacy and Information Security Challenges 2012 and Beyond?

Roy Adar, Vice President of Product Management, Cyber-Ark
Dr. Nigel Cameron, CEO, Center for Policy on Emerging Technologies
Martin Kuppinger, KuppingerCole
Shirief Nosseir, Marketing Manager, CA Technologies
Jim Taylor, VP Identity and Security Management, NetIQ
April 17, 2012 15:40

Webcast

EIC 2012 Keynote: Conflicting Visions of Cloud Identity

Kim Cameron, Creator of the Laws of Identity and Microsoft Identity Architect, Microsoft
April 17, 2012 15:20

Webcast

EIC 2012 Keynote: eID new challenges with Digital Agenda and Cloud Computing

Prof. Dr. Reinhard Posch, CIO for the Austrian Federal Government, Republic of Austria
April 17, 2012 15:00

Webcast

EIC 2012 Keynote: "Che cosa sono le nuvole?” (What are the clouds?)

Dr. Emilio Mordini, CEO, Centre for Science, Society and Citizenship CSSC
April 17, 2012 14:40

Webcast

EIC 2012 Opening Keynote

Dr. Nigel Cameron, CEO, Center for Policy on Emerging Technologies
Martin Kuppinger, KuppingerCole
April 17, 14:00

Webcast

EIC 2012 Closing Keynote

Dave Kearns, Senior Analyst, KuppingerCole
Prof. Dr. Sachar Paulus, Senior Analyst, KuppingerCole
April 19, 2012 17:30

Webcast

EIC 2012 Keynote: Trust and Complexity in Digital Space

Dr. Jacques Bus, Secretary General, Digital Enlightenment Forum
April 19, 2012 9:30

Webcast

EIC 2012 Keynote: The Future of Attribute-based Credentials and Partial Identities for a more Privacy Friendly Internet

Prof. Dr. Kai Rannenberg, T-Mobile Chair of Mobile Business & Multilateral Security, Goethe University in Frankfurt
April 19, 2012 9:00

Webcast

EIC 2012 Keynote: How Identity Management and Access Governance as a Service make your Cloud Work and your Business more Agile

Ralf Knöringer, Manager Business Unit IAM, Atos IT Solutions and Services GmbH
April 19, 2012 8:30

Webcast

EIC 2012 Keynote: How to build a Secure and Open Cloud

Stephan Bohnengel, Sr. Specialist Systems Engineer Security, VMware
April 18, 2012 18:40

Webcast

EIC 2012 Keynote: Top Challenges and Threats Security Managers Should Watch Out For

Prof. Dr. Eberhard von Faber, Security Strategy and Executive Consulting, T-Systems
April 18, 2012 18:20

Webcast

EIC 2012 Keynote: How Mobility Clouds the Future and SOA / Web 2.0 gives way to the Cloud API

André Durand, Founder & CEO, Ping Identity
April 18, 2012 18:00

Webcast

EIC 2012 Keynote: Information Security Governance in Banks: Delivering Actionable Recommendation to Management

Berthold Kerl, Managing Director, Head of Information & Technology Risk Governance, Deutsche Bank AG
April 18, 2012 9:30

Webcast

EIC 2012 Keynote: Securing Critical Banking Infrastructures in the Age of Cyber Warfare

Dr. Waldemar Grudzien, Director, Department Retail Banking and Banking Technology, Association of German Banks
April 18, 2012 9:00

Webcast

EIC 2012 Keynote: Leveraging Identity to Manage Enterprise Change and Complexity

Jim Taylor, VP Identity and Security Management, NetIQ
April 18, 2012 8:30

Webcast

EIC 2012 Keynote: Identity Management & Cloud Security - There’s a Workflow for That

Patrick Parker, Founder and CEO, The Dot Net Factory
April 17, 2012 19:10

Webcast

EIC 2012 Keynote: Scaling Identity, Access, and Audit Controls to Internet Proportions

Mike Neuenschwander, Sr. Director, Oracle
April 17, 2012 18:50

Webcast

EIC 2012 Keynote: Free Customers: The New Platform

Doc Searls, Berkman Fellow, Berkman Center for Internet and Society at Harvard University
April 17, 2012 18:30

Webcast

EIC 2012 Keynote: What About Bring your own Device?

Dr. Barbara Mandl, Senior Manager, Daimler AG
April 17, 2012 18:10

Webcast

EIC 2012 Keynote: How do Today’s Technology Challenges make Real IAM Possible?

Jonathan Sander, Director of IAM Business Development, Quest Software
April 17, 2012 17:50

Webcast

EIC 2012 Keynote: What Standards Have Done and Will Do for Cloud Identity

Dr. Laurent Liscia, Executive Director, OASIS
April 17, 2012 17:30

Webcast

EIC 2012 Keynote: Externalized Authorization - What is it Good for?

Peter Weierich, Senior Strategy Consultant, iC Consult GmbH
April 17, 2012 17:10

Webcast

EIC 2012 Keynote: Cloud, Consumerization & Identity: Time to Transform the Security Model

Shirief Nosseir, Marketing Manager, CA Technologies
April 17, 2012 16:50

Webcast

EIC 2012 Keynote: Ripped from the Headlines – The ‘Privileged’ Connection – Solved!

Roy Adar, Vice President of Product Management, Cyber-Ark
April 17, 2012 16:30

Blog

CLOUD COMPUTING DEADLY SINS

Adopting Cloud computing can save money, you need to avoid the seven deadly sins. The Cloud provides an increasingly popular way of procuring IT services that offers many benefits including increased flexibility as well as reduced cost. It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and commoditized. However - many organizations are sleepwalking into the Cloud. Moving to the Cloud may outsource the provision of the IT service, but it does not outsource the customer’s responsibilities. There are issues that may be...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]