News Archive

Blog

Do we really want an unsecured connected vehicle?

I read an interesting article about the future of vehicles and their connectivity in the Geo magazine, sort of the German counterpart to the National Geographic magazine. The article was quite interesting; however, I did not find anything about security. This is not a new experience: most of the articles and discussions about the concept of connected vehicles and their integration into the smart grid (plus all the discussions about smart grids and smart infrastructures) still are security-agnostic. Do we really want to drive unsecured connected vehicles? Do we really want to live in a...

Blog

Information Stewardship and BYOD news for you

Two documents crossed my desk this week – a survey and a “planning guide” – which fit nicely with two recent papers from KuppingerCole, illustrating a need and (unknowingly) confirming our conclusions. The first is about the current buzzword acronym BYOD (for “Bring Your Own Device”) which my colleague Martin Kuppinger just released an advisory note about (“today it’s almost exclusively mobile devices - smartphones, tablets, ‘phablets,’ etc. - that are referred to with BYOD: a focus that is too narrow...”) but which appears to be with us at least for the near term.  The new piece is a...

Blog

How to license Identity and Access Management software?

Recently I had some conversations with both vendors and customers about licensing models for IAM (Identity and Access Management) software. Historically, most licensing models were (and still are) based on the number of users, typically “named” users (rather than “concurrent” users). License models based on the number of concurrent users are rather unusual for IAM. Nowadays, I observe some shift towards models that are based on the number of connections or even processor-based. The number of connections is a metric that shows up in federation products, where the connection typically is...

Webcast

Extending Data Governance Beyond the Database

KuppingerCole Webinar recording

Press Release

Neuer KuppingerCole Leadership Compass Access Governance: Wer sind die Marktführer im Access Governance-Markt?

Wiesbaden, 21. März 2013  - Überblick und Entscheidungshilfe zugleich: Der KuppingerCole Leadership Compass bietet einen umfassenden Überblick der am Markt verfügbaren Anbieter von Access Governance Lösungen. Access Governance gehört zu den am schnellsten wachsenden Marktsegmenten des IAM-Marktes (Identity and Access Management). Während es noch vor wenigen Jahren lediglich eine Handvoll Anbieter in diesem Bereich gab, bieten dieser Tage fast 20 Hersteller Software-Produkte für Access Governance an.

Webinar

Apr 26, 2013: Benutzer- und Berechtigungsmanagement für den Mittelstand leicht gemacht

Das Benutzer- und Berechtigungsmanagement ist ein Thema für Unternehmen jeder Größenordnung. Während große Unternehmen meist schon seit längerer Zeit den Schritt hin zu einer zentralen Infrastruktur für IAM (Identity and Access Management) gemacht haben, ist die Situation im Mittelstand häufig noch durch das Fehlen einer Gesamtlösung geprägt. Systeme wie das Active Directory, SAP, Produktionssysteme und andere wichtige Business-Systeme werden unabhängig voneinander verwaltet. Das Risiko für die Informationen ist entsprechend hoch – gerade auch für das geistige Eigentum, das Firmenwissen,...

Webcast

Protecting Information in an Unstructured World

KuppingerCole Webinar recording

Blog

Looking at vendors from various angles – KuppingerCole Leadership Compass

Having published our second KuppingerCole Leadership Compass (on Access Governance) some ten days ago – with many others in the pipeline – I want to look at a blog post Michael Rasmussen, a former Forrester analyst and now an independent GRC expert, published in October 2012. I do not want to comment on the Gartner Magic Quadrant and MarketScope or the Forrester Wave. I also do not fully share the opinion of Michael Rasmussen on these. His major complaint is that documents like the ones mentioned tend to be too mono-dimensional for the needs of the customer. From my perspective, there is a...

Blog

What happened recently in Security?

When looking through the security related news of the past two weeks, there is very little that is surprising. Again, the usual topics such as discussions about whom to accuse of cyber-attacks and about newly found attack vectors have led to a series of news articles. There also have been ongoing discussions around privacy. However, as I have said and stated in my previous security blog post: Most topics remain the same. Some weeks it is about routers, this time reports about security weaknesses in connected HP printers and some other routers (TP-Link) spread the news. However, there have...

Blog

The Façade Proxy

Securing BYOD With the rapidly emerging cloud-mobile-social Troika coupled with the API Economy, there are so many questions about how to design systems that can allow application access to internal information and resources via APIs that will not compromise the integrity of enterprise assets. And on the other hand, how do we prevent inappropriate personal information from propagating inappropriately as personal data stores and information is processed and accessed? Indeed, I have read so many articles lately that predict utter catastrophe from the inevitable smart phone and tablet...

Advisory Note

Advisory Note: BYOD - Bring Your Own Device - 71003

Bring Your Own Device (or “BYOD” for short) may seem like the latest hype, but in fact it isn’t really all that new. Employees have been bringing their smartphones or iPads to work for quite some time now, mostly with their employers’ explicit (or at least implicit) consent. And ever since, IT departments have been worrying about losing control and how to halt the spread of privately owned mobile devices. You could even argue that BYOD started back in the early days of the PC, when the first “own” devices came into play and when IT departments started...

Webcast

SAP Identity Management und GRC: Miteinander statt nebeneinander!

KuppingerCole Webinar recording

Webinar

Apr 09, 2013: European Identity & Cloud Conference 2013 Preview

The European Identity & Cloud Conference (EIC) 2013 once again will be Europe´s most important event exploring the future of information technology. Join us in this webinar for a compehensive preview on this year´s key topics and speakers.

Webinar

Apr 16, 2013: Rapidly Evolving Identity & Access Management to Meet Today´s B2C & Cloud Challenges

The world of Identity and Access Management is growing in scope, and must change and adapt faster than ever before. CIOs are under pressure to shift from employee-centric IAM to consumer-facing IAM that drives top-line revenue. As a result, they are quickly learning that legacy enterprise IAM solutions are not designed to solve today´s web challenges (enterprise, cloud, social, mobile).

Webcast

European Identity & Cloud Conference 2013 - Agenda Preview

KuppingerCole Webinar recording

Blog

The future of healthcare

Recently the Massachusetts Institute of Technology (MIT) held a conference on the “Future of Health and Wellness.” One of the major takeaways from the conference (according to CIO magazine) was “6 Innovations That Will Change Healthcare.” These are: Reality Mining: Using Data to Influence Healthy Behavior Social Networking: For Best Results, Group Like-Minded People Usability: Give Users Something Familiar Home Care: Make It Easy, Involve Everyone Emotion Sensors: For the Willing, Anything Can Be Monitored Wellness Counseling: Sometimes, People Like Talking to Computers That’s...

Webcast

BYOD, Social Networking, Cloud - sicher und kalkulierbar

KuppingerCole Webinar recording

Leadership Compass

Leadership Compass: Access Governance - 70735

Access Governance is as of now the fastest growing market segment in the broader IAM (Identity and Access Management) market. Some vendors also use the term IAG (Identity and Access Governance). Another recent term is Access Intelligence (or Identity and Access Intelligence). While a few vendors try to establish this as a new market segment, we understand enhanced analytical capabilities just as an important feature within Access Governance. Few years ago, there have been only a handful of vendors in the Access Governance market. The large players acquired some vendors, others entered...

Blog

CeBIT – Shareconomy without connectivity?

Yesterday I spent a day at the CeBIT fair, still the world’s largest IT fair. Besides the many interesting meetings I had previously scheduled, I started thinking about the CeBIT “Leitthema” – their “claim of the year”. This year it has been “Shareconomy”. I still do not know what this term shall mean. There is some fuzzy description at the CeBIT homepage, but in contrast to topics like “Cloud” and “Managing Trust” in 2011 and 2012 respectively, Shareconomy – described as “sharing and using information, resources and experience based on new forms of collaboration” – is a very amorphous...

Blog

Why we need Dynamic Authorization Management

One of the topics I’ve been evangelizing for years is Dynamic Authorization Management. Dynamic Authorization Management is about externalizing authorization decisions outside of applications. It is about using an “application security infrastructure” which performs the authorization decisions (and manages other aspects of security like authentication, the administration of users etc.). It is about relying on security services instead of implementing security in every application. Dynamic Authorization Management is often associated with XACML (eXtensible Access Control Markup Language)....

Blog

What happened recently in Security?

When I’ve started writing this series of blog posts recently I thought that I will have sufficient material for a weekly post. However, when looking consequently at the security news of various sources it becomes obvious that there are a few recurring topics: New (and old) waves of attacks and new and old types of malware New exploits – the target of choice differs, the topic always remains the same Discussions about privacy Vendors with inappropriate security patch policies Yes, sometimes there are interesting announcements from vendors. However, besides the new big data approaches...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]