News Archive


IAM@IBM: Finally back to leadership

It has been somewhat quiet around IBM’s IAM offering for the past few years. Having been one of the first large vendors entering that market, other vendors had overhauled IBM, being more innovative and setting the pace in this still emerging market. This seems to be over now and IBM is showing up amongst the IAM leaders again. Since IBM launched its IBM Security division as part of their software business and moved the IAM product from the Tivoli division into that new division, things have changed. The IBM Security division not only is responsible for the IAM products, but a number of...

Business & Technology Breakfast

Dec 03, 2013: Moving from Prohibition to Trust in Access Control: Identity Management for Government in the On Premises and Cloud Era

Managing and governing access to systems and information, both on-premise and in the cloud, needs to be well architected to embrace and extend existing building blocks and help organizations moving forward towards a more flexible, future-proof IT infrastructure. Join KuppingerCole APAC in this Breakfast Debate to find out how to best move from old school, prohibition based security to trust in access control.


The World is your Datacentre

I’ve worked in Security for many years, specialising in Network and Data Security, largely by chance, following my interests and the market in equal measure. I started with authentication tokens and SSL acceleration devices back in the early 2000s, the latter market mutated into key and certificate management, encryption of various types hanging off these monolithic management devices. Some of the SSL accelerators turned into load balancers and proxies, even SSL VPNs. It was a technology that spawned a number of others. In 2009, I prophesised that encryption was finally going to make a...


Jan 16, 2014: Zugriffsrechtsmanagment - Risiken erfolgreich minimieren

Aussagen von Auditoren zu Risiken durch privilegierte Nutzer sind nicht wirklich nötig, um ein besonderes Augenmerk auf privilegierte Zugriffe zu werfen.


Secure Information Sharing – a lot of new momentum

During the last few months, we have seen – especially here in Europe – a massive increase in demand for methods to securely share information, beyond the Enterprise. The challenge is not new. I have blogged about this several times, for instance here and here. While there have been offerings for Information Rights Management or Enterprise Rights Management for many years - from vendors such as Microsoft, Adobe, Documentum or Oracle, plus some smaller players such as Seclore - we are seeing  a lot of action on that front these days. The most important one clearly is the general...


Moving Access Governance to the Next Level: Beyond Check-box Compliance

KuppingerCole Webinar recording


Dogged Determination

Some colleagues and I got into a short discussion about the FIDO alliance last week. That’s the Fast Identity Online Alliance, which was formed in July 2012 with the aim of addressing the lack of interoperability among strong authentication devices. They also wish to do something about the problems users face with creating and remembering multiple usernames and passwords. According to their web site, “the FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords...


Auditing access to sensitive information in SAP systems

In a recent SAP Insider article, SAP unveiled some interesting news around security auditing and information protection. In SAP NetWeaver Application Server (AS) ABAP 7.40 they included a new functionality called Read Access Logging (RAL). The current version supports Web Dynpro ABAP, web service, and RFC calls. Support for ABAP Dynpro is planned for a later release. SAP also has announced availability for release 7.31 near-time and is planning further “downports” to earlier versions. What does this feature provide? RAL allows you to log access to defined sensitive data in these systems,...

Advisory Note

Advisory Note: Life Management Platforms: Control and Privacy for Personal Data - 70745

Life Management Platforms (LMPs) combine personal data stores, personal cloud-based computing environments, and trust frameworks. They allow individuals managing their daily life in a secure, privacy-aware, and device-independent way. In contrast to pure personal data stores, they support concepts, which allow interacting with other parties in a meaningful way without unveiling data. This concept of ‘informed pull’ allows apps to consume information from the personal data store as well as from third parties and to use that information for decision making, without unveiling data...

Product Report

Product Report: CA GovernanceMinder™ - 70837

CA Technologies acquired Eurekify, a leading provider of role mining and role engineering, in November 2008. Using that technology, CA Technologies has built the current product CA GovernanceMinder. The product is tightly integrated with CA IdentityMinder™, the Identity Provisioning product provided by CA Technologies, and follows the same architectural and user interface paradigms. However, it supports other Identity Provisioning products as well. Features are increasingly also supported by the CA CloudMinder™ offering for cloud-based delivery models. Role mining is still...


Dec 10, 2013: Best Practice Webinar: Business Ready IAM with Sony Computer Entertainment and Simeio Solutions

In the age of BYOD, mobile, connected & extended enterprise, securing the perimeter isn´t enough anymore to keep the bad guys out. Organizations are leveraging the power of Identity and Access Governance to enable business, for both the enterprise and with their customers. It is important to have a sound foundation that aligns with your business strategy, while keeping pace with market trends and customer needs.

Press Release

KuppingerCole to open UK office

London, UK and Wiesbaden, Germany, November 2013 - The United Kingdom’s and Scandinavian continuing fight against identity-based “cybercrime” takes a leap forwards today as internationally renowned Identity and Access Management (IAM) specialist Peter Cummings joins forces with Governance, Risk and Compliance (GRC) and IT Security specialist Rob Newby to form KuppingerCole Analysts UK Ltd, a local subsidiary of KuppingerCole. KuppingerCole UK Ltd will also service the Scandinavian Market with Identity related Services.

Press Release

KuppingerCole (Asia Pacific) formed as part of Global KuppingerCole Analyst Team

Wiesbaden, Singapore & Gold Coast (Australia), November 8, 2013  – KuppingerCole today announces the formation of an exciting new development in the KuppingerCole history leveraging the capability of the KuppingerCole Research and Analyst team to companies and organizations in the Asia Pacific and Australasian markets. This announcement is that KuppingerCole Analysts have formed a Joint Venture with Australia´s leading vendor independent Identity & Access Management (IAM) consulting company Internet Commerce Australia ( to form KuppingerCole (Asia...


Negotiating the Cloud Standards and Advice Jungle

KuppingerCole Webinar recording

Vendor Report

Vendor Report: Courion Corporation - 70920

Identity, Security, and Risk Management as part of a broad solution portfolio. Well thought out IAM and IAG Business Case solution instead of a purely technical one. Choice of on-premise or cloud-based platform allows complete solution for all size businesses...


BYOI Revisited

Some time ago, in the wake of Wired journalist Mat Honan’s story of his account compromise (“How Apple and Amazon Security Flaws Led to My Epic Hacking”), I wrote about  BYOI – Bring Your Own Identity – and how “In the enterprise, there’s even less reason to support today’s BYOI.” Some time before that, my colleague Martin Kuppinger had also addressed this issue (“Bring Your Own Identity? Yes. And No”), dismissing the BYOI idea as simply a small piece of a much larger system. But I think we need to re-address this issue. First, the term “BYOI” as it’s commonly used is misleading. It’s not...

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected


AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]