News Archive

Press Release

Analyst Group KuppingerCole publishes Information Security Predictions and Recommendations for 2014

Wiesbaden, Germany, December 19th, 2013 – Analyst Group KuppingerCole published its annual report on Information Security Predictions and Recommendations, providing an expert’s view on what to expect in the Information Security market in 2014.

Press Release

European Analyst Firm KuppingerCole Publishes Information Security Predictions and Gives Recommendations for Action

Wiesbaden, October 19, 2013 - The analyst group KuppingerCole has published its 2014 annual report with its predictions on information security, providing an independent expert view of current trends and developments.

Webcast

Big Data - The Holy Grail for Information Security?

KuppingerCole Webinar recording

Webinar

Mar 20, 2014: The New ABC: Agile Business, Connected. How to Effectively Support the New Business Requirements

The “Identity Explosion” presents companies with new challenges. Instead of IAM (Identity and Access Management) being primarily concerned with employees, in the “Extended Enterprise” one must also manage business partners and often millions of customers, and give them controlled access to internal systems as well as cloud solutions.

Webinar

Feb 18, 2014: Marketing Wants the Facebook Login. And What About Information Security?

Companies are changing faster than ever. Collaboration with customers and business partners in new business models leads to ever new demands on IT. IT must respond and support business innovations rather than hinder them. BYOI (Bring Your Own Identity) and social logins are a visible expression of these innovations and therefore carry great weight.

Webinar

Jan 28, 2014: Protecting Information, Reducing Risks: Controlling Privileged Access

Business information makes up a significant part of a company’s value. But this information is more at risk than ever before. This risk arises by no means only from external attacks, but to a large extent still from internal users with extensive privileges.

Blog

KuppingerCole Predictions and Recommendations 2014

On Monday this week, we have published the KuppingerCole Predictions and Recommendations for 2014. They differ from other publications of people looking into the crystal ball in one important aspect: we not only provide our predictions, but also recommendations. More on that below. Information Security is in constant flux. With the changing threat landscape, as well as a steady stream of innovations, demand for Information Security solutions is both growing and re-focusing. Based on new offerings and changing demand, KuppingerCole predicts several major changes in the Information Security...

Blog

2013 – The End of Innocence?

Many people have begun thinking of 2013 as the Year That Changed Everything, at least in the area of privacy. From the Snowden leaks thru the many iterations of Facebook’s privacy policy, from the implications of the Internet of Things through Google’s troubles with the EU’s various Data Privacy laws it seems that privacy was on everybody’s mind. In January, NSA contractor Edward Snowden made contact with The Guardian and the Washington Post and by now we’re all familiar with the revelations of state-sponsored surveillance he revealed. Primarily concerned with the US government, and...

Advisory Note

Advisory Note: Information Security Predictions and Recommendations 2014 - 71299

Recommendations for investing in Information Security in 2014. Predictions of the trends and hypes in Information Security in 2014. Advice on which of these trends and hypes to follow.

Product Report

Product Report: Microsoft Windows Azure Active Directory - 70977

Directory Services, Identity Federation, and Access Management from the Cloud in a single integrated solution. Extend your Active Directory infrastructure to the Cloud and manage business partners, customers, and Cloud service access in a combined service.

Blog

SDN is NOT the next big thing. SDCI is.

I have read many predictions recently that SDN (Software Defined Networking) is the next big thing in IT. Wrong. It is not. It is just a small piece in a bigger story. And just looking at SDN is not sufficient. The next big thing is SDCI – Software Defined Computing Infrastructure. This is about “software-defining” everything. Hardware virtualization – “software defining hardware”, so to speak – is a reality. Software Defined Storage is becoming increasingly popular. SDN is another element. A number of vendors, such as VMware, talk about a Software Defined Cloud Datacenter. I don’t like...

Webcast

Business Ready IAM with Sony Computer Entertainment and Simeio Solutions

KuppingerCole Webinar recording

Blog

Cloud Standards – Complex but not a Jungle according to ETSI!

In September 2013 the European Commission (EC) published the strategy “to create single set of rules for cloud computing and increase EU GDP by €160 billion annually by 2020”. This strategy identified a number of key actions, one of these being “Cutting through the Jungle of Standards”. Following a request from the European Commission, the European Telecommunications Standards Institute (ETSI) launched the Cloud Standards Coordination (CSC) initiative. In November 2013 ETSI published its final report from the CSC initiative. According to this report “the Cloud Standards landscape is...

Seminar

Feb 19, 2014: Identity & Access Management Experts Day

Deep dives into technology & architectures: The Identity & Access Management Experts Day is the place, where you meet with Identity & Access Management experts for in-depth discussion on the future of Identity Management, Cloud Computing and Information Security.

Business & Technology Breakfast

Feb 18, 2014: Managing Identities and Access to Information for Cloud, Mobile and Social Computing

Cloud Computing, Mobile Computing and Social Computing - each of these trends has been around for some time. But what we see now is the convergence of those forces, creating strong new business opportunities and changing the way we use information technology to interact with our customers and to run our enterprises. It is all about the shift of control into the hands of users, far beyond what we used to call consumerization. Identity and access is the key element in this paradigm shift and this KuppingerCole Business & Technology Breakfast is a great place to discuss these topics. It...

Business & Technology Breakfast

Jan 23, 2014: Moving from Prohibition to Trust: Identity Management in the On Premises and Cloud Era

Managing and governing access to systems and information, both on-premise and in the cloud, needs to be well architected to embrace and extend existing building blocks and help organizations move forward towards a more flexible, future-proof IT infrastructure. Join KuppingerCole APAC in this Breakfast Debate to find out how to best move from old-school, prohibition-based security to trust in access control.

Blog

Smarter Risk

According to IBM a consistent way to manage all types of risk is the key to success for financial services organizations.  To support this IBM will be rolling out their Smarter Risk offering during Q1 2014.  Failure to properly manage risk has been alleged to be the cause of the financial crisis and, to force financial services organizations to better manage risk, the regulators around the world are introducing tougher rules. The underlying causes of the damaging financial crisis can be traced back to the management of risk.  Financial services organizations need to hold capital to protect...

Webcast

Time to Review and Rethink: Does Your Current IAM Still Suit Your Needs?

KuppingerCole Webinar recording

Blog

Is there really no way to avoid shared user accounts?

In various discussions over the past month, mainly in the context of Privilege Management, I raised the (somewhat provocative) claim that shared accounts are a bad thing per se and that we must avoid these accounts. The counterargument  I got, though, was that sometimes it is just impossible to do so. There were various examples. One is that users in production environments need a functional account to quickly access PCs and perform some tasks. Another is that such technical user accounts are required when building n-tier applications to, for instance, access databases. Administrators...

Executive View

Executive View: Stormpath Identity API - 71013

Information security in general and identity management in particular have become a critical, more and more sophisticated, and costly component for almost every online service. Developers must either invest a lot of effort to implement and maintain it or integrate a third party solution. Currently, the market for such solutions is very large and mature, but solutions from traditional vendors like Oracle, Microsoft or IBM are usually prohibitively expensive for smaller businesses and require months of integration effort. This is why demand for completely managed Authentication and User...

Blog

Safer, stronger authentication

In my last post (“Dogged Determination”) I briefly mentioned the FIDO alliance (Fast Identity Online) with the promise to take a closer look at the emerging internet password-replacing-authentication system this time. So I will. But first, an aside. It’s quite possible that the alliance chose the acronym “FIDO” first, then found words to fit the letters. Fido, at least in the US, is a generic name for a dog which came into general use in the mid 19th century when President Abraham Lincoln named his favorite dog Fido. Choosing a word associated with dogs harkens back to the internet meme...

Blog

Security Advice for Industrial Control Systems

Last week, the German BSI (Bundesamt für Sicherheit in der Informationstechnik, the Federal Office for IT Security), published a document named “ICS-Security-Kompendium”. ICS stands for “Industrial Control Systems”. This is the first comprehensive advisory document published by the German BSI on this topic so far. The BSI puts specific emphasis on two facts: ICS are widely used in critical infrastructures, e.g. utilities, transport, traffic control, etc. ICS are increasingly connected – there is no “air gap” anymore for many of these systems It is definitely worth having a look at the...

Blog

IAM@IBM: Finally back to leadership

It has been somewhat quiet around IBM’s IAM offering for the past few years. Having been one of the first large vendors entering that market, other vendors had overhauled IBM, being more innovative and setting the pace in this still emerging market. This seems to be over now and IBM is showing up amongst the IAM leaders again. Since IBM launched its IBM Security division as part of their software business and moved the IAM product from the Tivoli division into that new division, things have changed. The IBM Security division not only is responsible for the IAM products, but a number of...

Business & Technology Breakfast

Dec 03, 2013: Moving from Prohibition to Trust in Access Control: Identity Management for Government in the On Premises and Cloud Era

Managing and governing access to systems and information, both on-premise and in the cloud, needs to be well architected to embrace and extend existing building blocks and help organizations move forward towards a more flexible, future-proof IT infrastructure. Join KuppingerCole APAC in this Breakfast Debate to find out how to best move from old-school, prohibition-based security to trust in access control.

Blog

The World is your Datacentre

I’ve worked in Security for many years, specialising in Network and Data Security, largely by chance, following my interests and the market in equal measure. I started with authentication tokens and SSL acceleration devices back in the early 2000s, the latter market mutated into key and certificate management, encryption of various types hanging off these monolithic management devices. Some of the SSL accelerators turned into load balancers and proxies, even SSL VPNs. It was a technology that spawned a number of others. In 2009, I prophesied that encryption was finally going to make a...

Webinar

Jan 16, 2014: Access Rights Management - Successfully Minimizing Risks

Statements from auditors about risks posed by privileged users are not really needed to pay special attention to privileged access.

Blog

Secure Information Sharing – a lot of new momentum

During the last few months, we have seen – especially here in Europe – a massive increase in demand for methods to securely share information, beyond the Enterprise. The challenge is not new. I have blogged about this several times, for instance here and here. While there have been offerings for Information Rights Management or Enterprise Rights Management for many years - from vendors such as Microsoft, Adobe, Documentum or Oracle, plus some smaller players such as Seclore - we are seeing  a lot of action on that front these days. The most important one clearly is the general...

Webcast

Moving Access Governance to the Next Level: Beyond Check-box Compliance

KuppingerCole Webinar recording

Blog

Dogged Determination

Some colleagues and I got into a short discussion about the FIDO alliance last week. That’s the Fast Identity Online Alliance, which was formed in July 2012 with the aim of addressing the lack of interoperability among strong authentication devices. They also wish to do something about the problems users face with creating and remembering multiple usernames and passwords. According to their web site, “the FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords...

Blog

Auditing access to sensitive information in SAP systems

In a recent SAP Insider article, SAP unveiled some interesting news around security auditing and information protection. In SAP NetWeaver Application Server (AS) ABAP 7.40 they included a new functionality called Read Access Logging (RAL). The current version supports Web Dynpro ABAP, web service, and RFC calls. Support for ABAP Dynpro is planned for a later release. SAP also has announced availability for release 7.31 near-time and is planning further “downports” to earlier versions. What does this feature provide? RAL allows you to log access to defined sensitive data in these systems,...

Advisory Note

Advisory Note: Life Management Platforms: Control and Privacy for Personal Data - 70745

Life Management Platforms (LMPs) combine personal data stores, personal cloud-based computing environments, and trust frameworks. They allow individuals to manage their daily life in a secure, privacy-aware, and device-independent way. In contrast to pure personal data stores, they support concepts that allow interacting with other parties in a meaningful way without unveiling data. This concept of ‘informed pull’ allows apps to consume information from the personal data store as well as from third parties and to use that information for decision making, without unveiling data...

Product Report

Product Report: CA GovernanceMinder™ - 70837

CA Technologies acquired Eurekify, a leading provider of role mining and role engineering, in November 2008. Using that technology, CA Technologies has built the current product CA GovernanceMinder. The product is tightly integrated with CA IdentityMinder™, the Identity Provisioning product provided by CA Technologies, and follows the same architectural and user interface paradigms. However, it supports other Identity Provisioning products as well. Features are increasingly also supported by the CA CloudMinder™ offering for cloud-based delivery models. Role mining is still...

Webinar

Dec 10, 2013: Best Practice Webinar: Business Ready IAM with Sony Computer Entertainment and Simeio Solutions

In the age of BYOD, mobile, connected & extended enterprise, securing the perimeter isn’t enough anymore to keep the bad guys out. Organizations are leveraging the power of Identity and Access Governance to enable business, for both the enterprise and with their customers. It is important to have a sound foundation that aligns with your business strategy, while keeping pace with market trends and customer needs.

Press Release

KuppingerCole (Asia Pacific) formed as part of Global KuppingerCole Analyst Team

Wiesbaden, Singapore & Gold Coast (Australia), November 8, 2013 – KuppingerCole today announces the formation of an exciting new development in the KuppingerCole history leveraging the capability of the KuppingerCole Research and Analyst team to companies and organizations in the Asia Pacific and Australasian markets. This announcement is that KuppingerCole Analysts have formed a Joint Venture with Australia’s leading vendor-independent Identity & Access Management (IAM) consulting company Internet Commerce Australia (www.inca.com.au) to form KuppingerCole (Asia...

Press Release

KuppingerCole to open UK office

London, UK and Wiesbaden, Germany, November 2013 - The United Kingdom’s and Scandinavia’s continuing fight against identity-based “cybercrime” takes a leap forwards today as internationally renowned Identity and Access Management (IAM) specialist Peter Cummings joins forces with Governance, Risk and Compliance (GRC) and IT Security specialist Rob Newby to form KuppingerCole Analysts UK Ltd, a local subsidiary of KuppingerCole. KuppingerCole UK Ltd will also service the Scandinavian market with identity-related services.

Webcast

Negotiating the Cloud Standards and Advice Jungle

KuppingerCole Webinar recording

Vendor Report

Vendor Report: Courion Corporation - 70920

Identity, Security, and Risk Management as part of a broad solution portfolio. Well thought out IAM and IAG Business Case solution instead of a purely technical one. Choice of on-premise or cloud-based platform allows complete solution for all size businesses...

Blog

BYOI Revisited

Some time ago, in the wake of Wired journalist Mat Honan’s story of his account compromise (“How Apple and Amazon Security Flaws Led to My Epic Hacking”), I wrote about  BYOI – Bring Your Own Identity – and how “In the enterprise, there’s even less reason to support today’s BYOI.” Some time before that, my colleague Martin Kuppinger had also addressed this issue (“Bring Your Own Identity? Yes. And No”), dismissing the BYOI idea as simply a small piece of a much larger system. But I think we need to re-address this issue. First, the term “BYOI” as it’s commonly used is misleading. It’s not...

Executive View

Executive View: Oracle Big Data Solutions - 70993

Smart information is big data analyzed to provide answers to business questions. Oracle provides a range of integrated software and hardware tools needed to acquire and analyze big data into smart information. These tools have a particular focus on enterprise concerns including information security and the exploitation of the masses of data already held within corporate data warehouses.

Blog

Oracle OpenWorld ’13 Part 2 of 2 – going for more than the Americas Cup?

It is now nearly a month since Oracle OpenWorld 2013 closed and Oracle Team USA made an incredible win in the 34th Americas Cup. Both events have been amazing experiences with OpenWorld attracting more than 65000 attendees and Oracle Team USA coming back from certain defeat to a mind-blowing win. While I am a huge sailing fanatic, and probably could go on for days about the Americas Cup, in this blog post I will focus on what I believe the key messages from Oracle at OpenWorld were and also what it says about where Identity and Access Management is going. I came to Oracle OpenWorld with a...

Advisory Note

Advisory Note: Infrastructure as a Service Market Report - 71021

This report provides an overview and analysis of the market for Infrastructure as a Service (IaaS). IaaS provides basic computing resources that the customer can use over a network to run software and to store data. This report shows that there is a range of IaaS service providers with strengths in various areas.

Webinar

Dec 04, 2013: Time to Review and Rethink: Does your Current IAM Still Suit your Needs? And did it Deliver what you Expected?

Many organizations have started their journey into the world of IAM several years ago.

Webcast

Identity Information Quality

KuppingerCole Webinar recording

Blog

Getting the security you need

Lately I’ve been writing a lot about how you should be improving your authentication and authorization. I’ve been haranguing you to get Risk-Based Access Control (RiskBAC) sooner rather than later. There has been some push back. It’s a truism in IT and security that “technology is easy, it’s the people that are hard.” Well, when moving to RiskBAC, the technology – or its implementation – isn’t easy. So if the technology isn’t easy what does that say about the people? Darn near impossible, that’s what. There are, also, two different people problems. The first is users. While we’d like...

Press Release

New Advisory Note from KuppingerCole: The Future of IT Organizations provides an orientation model for IT organizational development

Wiesbaden, October 18, 2013 - In the recently published Advisory Note The Future of IT Organizations, KuppingerCole examines the changed requirements for IT organizations, particularly in the context of agile corporate structures.

Press Release

New KuppingerCole Advisory Note: The Future of IT Organizations provides a standardized model to move your IT Organization and IT Infrastructure to the next level

Wiesbaden, October 18, 2013 – In the recently announced Advisory Note The Future of IT Organizations KuppingerCole identifies and describes the challenges organizations and IT are facing, based on the fundamental evolutions in IT.

Webcast

Extended Enterprise - The New Scope of Information Security

KuppingerCole Webinar recording

Executive View

Executive View: RSA Adaptive Authentication - 70889

Adaptive Authentication uses risk-based policies to evaluate a user’s login and post-login activities against a range of risk indicators. Systems then ask for additional assurance of the users’ identities when a risk score or policy rules are violated. This risk and context-based authentication and authorisation methodology provides transparent authentication for the majority of the users, and provides an appropriate level of risk mitigation for those who are in untrusted positions. The level of assurance for a given identity depends on the risk of identity theft calculated...

Webinar

Nov 19, 2013: Moving Access Governance to the next level: Beyond check-box compliance

Identity Access Governance and Intelligence (IAG/IAI) is one of the key disciplines of today’s Information Security. While many organizations are still in the deployment phase and focus on fulfilment of regulatory compliance in some selected systems, the challenges have already changed. It is not sufficient to govern access in SAP environments or a few other IT systems to really tackle all of today’s Information Security challenges. The threat landscape is changing and attacker tactics have fundamentally changed, resulting in adversaries that are more formidable than ever before, and who...

Webcast

Strategic Information Security Investment Planning - The Legal Perspective

KuppingerCole Webinar recording

Blog

Salesforce Identity

Today Salesforce.com announced the general availability of Salesforce Identity – what does this mean for customers and the IAM market? In some ways this is not a completely new product, Salesforce.com CRM customers have been using much of this for some time.  However what is announced today extends the functionalities of this way beyond what previously existed.  Salesforce Identity provides a web single sign on capability that can be white labelled and which can be based on authentication by Salesforce.com or a number of other trusted identity providers.  The Salesforce.com authentication...

Blog

Identity Information Quality: Recertify the Identity

One of the challenges many organizations are facing in their IAM infrastructure is “Identity Information Quality”. That quality, especially in larger organizations, varies depending on the source it comes from. This challenge is not limited to the enrollment process, but also all subsequent processes. While the creation of new digital identities in IAM systems (at least for employees) is frequently driven primarily through imports from HR systems, changes of attribute values might be triggered from many different sources. Many organizations spend a lot of time and money to improve HR...

Advisory Note

Advisory Note: The Future of IT Organizations - 71200

Prepare your IT Organization for the major evolutions affecting every business. Become ready to deal with today’s and tomorrow’s approaches to Cloud Computing. Build a competitive on-premise IT if you still need on-premise IT (and most will). Stay in control of your Business Services, IT Services, and Information Security.

Executive View

Executive View: EmpowerID 2013 - 70005

EmpowerID was founded in 2005 and is based out of Dublin, Ohio. EmpowerID was previously known as a niche player, with products like the Active Directory (AD) Self-Service Suite, which provides web-based white pages and password reset for AD...

Vendor Report

Vendor Report: SafeNet - 70876

SafeNet’s comprehensive data-centric security portfolio looks at business cases instead of solely technical solutions, and extends protection and ownership across the data lifecycle as it is stored, created, shared, accessed, and moved. The organisation looks forward to future-state virtual and Cloud deployments at the same time as making it possible to integrate with current-state architectures.

Blog

Mobile Security: Virtualization on the smartphone

LG recently announced a new platform called GATE that will enable some LG business smartphones to run two mobile operating systems in parallel. LG appears, with this feature, to be reacting to the security concerns many organizations have around BYOD (Bring Your Own Device). Virtualization is one of the smartest options for enhancing the security of mobile devices, as we discussed in the KuppingerCole Advisory Note “BYOD”. By virtualizing the smartphones and providing two segregated environments, users can access both their business and their private environment, with the business apps...

Webcast

Approaches and Elements of Maturity Benchmarking in Information Security

KuppingerCole Webinar recording

Executive View

Executive View: Evidian Enterprise SSO - 70823

Despite being one of the more traditional and well-established areas of Identity and Access Management (IAM), and despite the fact there is still an obvious business benefit and quick-win potential in Enterprise Single Sign-On (E-SSO), there are still many organizations that have not deployed an E-SSO solution. Enterprise Single Sign-On (E-SSO) is a well-established technology. Even with all the progress in the area of Identity Federation, providing standards-based Single Sign-On across applications and organizations, E-SSO still is a relevant technology. This is also true in light...

Blog

Avoiding Data Breaches and Managing Big Data

Today information is the foundation upon which businesses are built and organizations need to prosper.  However, given its value, information is not treated with sufficient respect by everyone in the organization.  It sometimes seems that the only people that understand the value of information are those who are trying to steal it! Big data makes this problem worse - in addition to the vast quantity of data from the Internet of Things and social media, so much unstructured information is now being created within organizations.  Who owns this data and who is responsible for its security? I...

Webcast

How to Transport and Store Your Data So It Cannot Be Spied On

KuppingerCole Webinar recording

Webcast

Using Encryption Correctly

KuppingerCole Webinar recording

Blog

Apple finally gets something right

Apple’s new iPhone (the 5S model) is equipped with the Touch ID fingerprint reader. Its release just a couple of weeks ago has generated more discussion (and bloviating) about biometrics, fingerprints in particular, than all other fingerprint systems together. Not only that, but it’s forcing me to do something I’ve rarely – if ever – done before: say something nice about Apple. In the twenty years I’ve been writing and opining about technology I’ve occasionally ranted about Apple, its products, its management and its fans, but for the first time, today, I can say bravo Apple. Bravo Apple...

Webcast

How Mature is Your Cloud?

KuppingerCole Webinar recording

Blog

The Future of the Cloud

As a UK member of ISACA as well as an industry analyst I was privileged to participate in a round table on the subject of the future of the cloud and the results of this were published in a supplement to the Guardian newspaper on September 27th. Here is a summary of my thoughts on this subject: The cloud is about efficiency and economies of scale.  The successful CSPs (Cloud Service Providers) will be those that can provide value for money to their customers.  For large enterprises the cloud will add complexity by becoming yet another platform to be accommodated.  However for SMEs the...

Whitepaper

Whitepaper: Migrating to the CA Technologies Solution for Identity Management & Access Governance - 71001

Recommendations for migrating from legacy Identity Provisioning to CA Technologies Identity Management and Access Governance solutions. Technical issues in migration, planning for migration, best practices, and potential benefits.

Executive View

Executive View: IBM SmartCloud Services - 70785

IBM offers a range of cloud products and services that include Infrastructure as a Service, Platform as a Service and Business Process as a Service under the SmartCloud™ brand. IBM recently acquired SoftLayer Technologies Inc, and at the same time announced the formation of a new Cloud Services division. This executive view provides an overview of IBM SmartCloud IaaS and PaaS offerings together with an assessment of their strengths and challenges in the light of these changes.

Press Release

Michael Bürger Strengthens KuppingerCole’s Business Team

Wiesbaden, October 1, 2013 - As part of the expansion of the analyst firm KuppingerCole into Eastern Europe, Michael Bürger strengthens the company’s business team as a partner and assumes responsibility for the Eastern Europe region.

Press Release

Michael Bürger is joining the KuppingerCole Business Team

Wiesbaden, October 1, 2013 – As a part of the analyst company KuppingerCole’s expansion towards Eastern Europe, Michael Bürger joins the company as a partner and assumes responsibility for the EECIS region.

Blog

Azure Active Directory: What is the Graph API?

In Azure Active Directory (AAD) there is a Graph API. This is the main API to access AAD. The idea of a Graph API is not entirely new. The one provided by Facebook is already well established. But what is this really about and why does AAD provide such an API? First of all, I neither like the term “Graph API” nor “API” itself very much. Both are, from my perspective, far too technical. They are fine for people with a good background in mathematics and computer science, but not for typical business people. A graph is a mathematical concept describing nodes and their connections. The...

Leadership Compass

Leadership Compass: Access Management and Federation - 70790

With the growing demand of business for tighter communication and collaboration with external parties such as business partners and customers, IT has to provide the technical foundation for such integration. Web Access Management and Identity Federation are key technologies for that evolution. They enable organizations to manage access from externals and to external systems, including cloud services, in a consistent way. Organizations have to move forward to strategic approaches on enabling that integration, supporting the Extended Enterprise. While Web Access Management technologies...

Webcast

Authorization as a Calculated Risk

KuppingerCole Webinar recording

Blog

Oracle OpenWorld '13 Part 1 - Midway Report

Whilst the majority of the IT press is focusing on the big announcements being made here at Oracle OpenWorld, such as in-memory storage and the extended collaboration between Oracle, EMC and Microsoft, I would like to focus a bit more on the Identity & Access Management news. There are several new innovations from Oracle which have not got the same attention as the keynotes, even though many of them are, in my opinion, game-changing and could have a significant impact on the business world. In this post I will cover them briefly, and in the following weeks I will be going into more...

Webcast

The Business Side of the API Economy: Enabling the Agile, Connected Enterprise

KuppingerCole Webinar recording

Blog

A recipe for PII

PII, Personally Identifiable Information (also phrased as Personal Identity Information) is at the heart of identity security and privacy. Yet, like almost all terms in the Identity sphere, it suffers from multiple overlapping definitions leading to misunderstandings, heated discussions and a distinct lack of clarity. Major sources of these problems are codified definitions from national laws, standards bodies and government agencies (such as the US National Institute for Standards and Technology). There’s not much I can do about government definitions, no matter how wrong they are. But I...

Blog

Understanding Azure Active Directory

Some time ago Microsoft unveiled its Azure Active Directory (AAD). During recent weeks, I have had several discussions about what AAD is. First of all: It is not just an on-premise AD ported to Azure and run as a Cloud service. Despite relying in its inner areas on proven AD technology, it differs greatly from on-premise AD. It is a new concept, going well beyond a classical directory service and integrating support for Identity Federation and Cloud Access/Authorization Management. In fact you can use three flavors of AD today: The classical on-premise AD The on-premise AD running on...

Press Release

Andrew Nash is joining the KuppingerCole Analyst Team

Wiesbaden, September 17, 2013 – Identity Expert Andrew Nash just joined KuppingerCole as Fellow Analyst. Besides his very strong background in dealing with consumer identities, he has long-term experience in PKIs, secure web services, and other identity and security related topics. “We are very pleased to welcome Andrew on board. Andrew is an experienced and well-known thought leader in Identity Management and Information Security and will add further expertise to our team of leading Information Security experts”, Martin Kuppinger, Founder and Principal...

Webinar

Oct 08, 2013: Using Encryption Correctly

The NSA and its helpers in Europe and Germany have enormous capabilities to creep unnoticed into your professional and private digital life. On the one hand, the latest revelations about the NSA's decryption practices and its access to smartphones increase the unease. On the other hand, they provide enough detail about the practice of state hacking to define a line of defense. Prof. Dr. Sachar Paulus, crypto expert and KuppingerCole Senior Analyst, gives you 5 tips on how a substantial part of the state-organized attacks on your...

Webinar

Dec 19, 2013: Big Data - The Holy Grail for Information Security?

With an increasing number of fraud incidents, customer data losses and other breaches on one side, and the disappearance of the classical perimeter because of the need to finally extend the enterprise to partners and customers on the other side, introducing Big Data for Security Analytics seems to be the logical next level for your information security strategy. In this webinar, KuppingerCole’s Principal Analyst Martin Kuppinger will talk about the benefits and challenges of using Big Data for security analytics, and he will draw your attention to the additional risk that may come along with...

Webinar

Oct 08, 2013: How to Transport and Store Your Data So It Cannot Be Spied On

The latest revelations about attacks by Western intelligence services, above all the NSA, on cryptographic implementations are causing widespread uncertainty about how, and with which of the tools available today, one can still protect oneself effectively against being spied on. In this webinar, KuppingerCole Senior Analyst Prof. Dr. Sachar Paulus and Lutz Emrich of SIZ talk about the selection and use of such tools. This webinar builds on our introductory webinar titled "Verschlüsselung richtig einsetzen" (Using Encryption Correctly).

Webinar

Oct 22, 2013: Identity Information Quality

Identity Information Quality has been a challenge since the early days of IAM, and it remains top of the list in many projects. Good quality of identity information is the foundation of any information security initiative. In this webinar, we will discuss strategies and solutions to improve identity data quality.

Webinar

Oct 09, 2013: Approaches and Elements of Maturity Benchmarking in Information Security

Information Security is hard to measure. If your security strategy fits well into your organization’s needs, then the risks are low and there is hardly anything happening that you could measure. Or, the other way round - the more you can measure, the more your job is at risk. True? Join us in this webinar to find out.

Webinar

Nov 05, 2013: Negotiating the Cloud Standards and Advice Jungle

The cloud is a hot topic and most SDOs (Standards Defining Organizations) have at least one initiative in this area. This plethora of initiatives has confronted the users of cloud services as well as CSPs (Cloud Service Providers) with a jungle of frameworks, standards, advice and certifications. In this webinar, KuppingerCole’s Senior Analyst Mike Small will provide a summary of these and some practical advice on their relevance and usability.

Webinar

Oct 17, 2013: Extended Enterprise - The New Scope of Information Security

Managing access to information and services deployed anywhere for employees, partners and customers in any context on any type of device owned by any party involved - there couldn’t be a much more challenging task. In this webinar, KuppingerCole’s Principal Analyst Martin Kuppinger will introduce you to the new concept of managing the "explosion" of identities and devices.

Webinar

Oct 15, 2013: Strategic Information Security Investment Planning - The Legal Perspective

The ever increasing challenge of meeting regulatory compliance is putting more and more pressure on your information security budget? Then it may be time to include some legal arguments to convince your management that you need to spend more on information security. In this webinar, KuppingerCole’s Fellow Analyst, Lawyer and Data Protection expert will help you find these arguments.

Blog

I ♥ Biometrics

If you’ve followed my writings for very long, you know I’m a strong believer in biometric authentication. (See, for example, this Network World column from over a dozen years ago) Why? Well, for one reason, unlike a password or a hardware token, you can’t misplace or lose a biometric (fingerprint, facial scan, keyboard dynamics, etc.) – it’s always with you. Now, there’s another biometric system for you to look at. Bionym, Inc. has announced Nymi, a biometric reader that goes a step further than most others. Nymi is a bracelet with two electrical contacts – one on the underside, which is...

Webinar

Oct 04, 2013: How Mature is Your Cloud?

Cloud services are outside the direct control of the customer organization and their use places control of the IT service and infrastructure in the hands of the CSP (Cloud Service Provider). A structured approach is essential to ensure organizational readiness for the cloud, to select the right service to meet business needs and other non-functional requirements like security and compliance and to enable that service to be assured. This webinar gives an introduction to cloud maturity assessment basics and is a great preparation for the KuppingerCole Information Risk & Security Summit...

Product Report

Product Report: SAP GRC Access Control 10 - 70737

The standard solution for managing Access and the related risks in SAP environments. Implement SoD controls, keep privileged users under control, and know what could happen in your SAP systems.

Webinar

Sep 17, 2013: Using Encryption Correctly

The NSA and its helpers in Europe and Germany have enormous capabilities to creep unnoticed into your professional and private digital life. On the one hand, the latest revelations about the NSA's decryption practices and its access to smartphones increase the unease. On the other hand, they provide enough detail about the practice of state hacking to define a line of defense. Prof. Dr. Sachar Paulus, crypto expert and KuppingerCole Senior Analyst, gives you 5 tips on how a substantial part of the state-organized attacks on your...

Blog

Security is not enough

Since I have worked in this industry, one trend has always been evident – most IT departments can’t, don’t or won’t pay for the very cutting edge developments in security technology. It’s not that they struggle to keep up with these developments, on the contrary, they are the very people who are demanding them, it is that they have different priorities. Technology budget is traditionally focused on performance and delivery rather than security, as that is where the obvious business benefits lie. Security rarely gives a return on investment, it is there to prevent loss; so at best security...

Blog

Eliminating passwords? We’re NEARly there!

I subscribe to a clipping service which delivers pointers to web documents to my inbox for items I’m interested in (described by keywords). Just last week, it pulled in a document about “The Changing role of the Access Control credential.” Well, access control is one of my favorite topics, so I jumped right in to it. Only later did I discover that the article in question had actually been published almost a year ago. (The clipping service is always adding new sources, and scans all of the available documents on the new source so – from time to time – I did get somewhat outdated links)...

Congress

May 13 - 16, 2014: European Identity & Cloud Conference 2014

European Identity & Cloud Conference 2014 is the place where identity management, cloud and information security thought leaders and experts get together to discuss and shape the future of secure, privacy-aware, agile, business- and innovation-driven IT.

Press Release

Analyst Company KuppingerCole has released a new Report on Secure your Cloud against Industrial Espionage

Wiesbaden, August 23, 2013 – KuppingerCole offers advice on protecting your Cloud from industrial espionage with practical advice regarding managing technical risk within a Cloud environment.

The analyst group KuppingerCole has published the advisory note “Secure your Cloud against Industrial Espionage”. 

Webinar

Sep 24, 2013: The Business Side of the API Economy: Enabling the Agile, Connected Enterprise

Today’s businesses have to be far more agile than ever before. Competing on global scale, economic turmoil, rapid innovation and other factors put pressure on organizations. One of the results is that businesses have to be better connected with other businesses and customers than ever before. They have to be faster in their own business processes and the processes that connect them with others. They have to make more out of information, by combining information from various sources, including openly available data. Smart information that is based on combining information from various...

Advisory Note

Advisory Note: Secure your Cloud against Industrial Espionage - 70997

Securing your business against industrial espionage is about knowing your competitors and stopping your IP getting into their hands. In a Cloud environment you need to be considering all of the risks around Cloud provision, conflicts of interest, legal environments in remote locations, and of course having a third party processing and controlling your most sensitive information. A vital consideration that needs to be made before committing to a Cloud solution is whether it needs to be done. Consider your requirements, do you need to take everything offsite, should you? Use a...

Executive View

Executive View: MYDIGIPASS.COM - 70860

One of the most important consequences of the ongoing trend of IT consumerization driven by growing adoption of mobile and cloud computing has been the exponential growth of the number of identities businesses and consumers have to deal with. Unfortunately, as the number of ways for individuals and businesses to interact over the Internet is growing, controlling and securing these information flows becomes much more complicated. With all the recent news about malware attacks, industrial espionage, corporate security breaches, and massive leaks of personal information, it is obvious that...

Press Release

Analyst Company KuppingerCole has released a new Report - Managing Risks to Critical Infrastructure

Wiesbaden, August 16, 2013 – KuppingerCole offers advice on managing risks to your critical infrastructure with a comparison of critical national infrastructure and the effects of technical threats.

Advisory Note

Advisory Note: Managing Risks to Critical Infrastructure - 70819

Threats to critical national technical infrastructure such as Finance, Energy, Telecommunications and Government are a result of human nature. Although these threats are difficult to treat in the abstract, technical controls can be applied to prevent, detect and resist attempts to subvert...

Executive View

Executive View: PingFederate 7 - 70801

Ping Identity is a specialized vendor focusing on Identity Federation and related use cases. Ping calls this “Identity Bridges”. Their portfolio consists of two offerings: PingFederate is their enterprise solution for standards-based federated identity management; while PingOne provides cloud-based single sign-on to public and private cloud applications; and cloud-based SSO enabling for service provider applications. PingFederate and PingOne services can be used standalone, but are complementary. Ping currently adds further capabilities such as APIs for simpler consumption of...

Conference

Nov 27 - 28, 2013: Information Risk & Security Summit 2013

The Information Risk & Security Summit Frankfurt 2013, taking place on November 27 – 28, 2013 at the Frankfurter Innovationszentrum FIZ Conference Lab, Frankfurt/Germany, offers an unseen combination of thought leadership and interactive session formats, tackling the most demanding questions IT professionals are confronted with: How to support the extended & connected enterprise with brilliant services without taking too many too big risks.

Blog

Take strong authentication into your own hands

It was just a couple of months ago that trend-watcher The Next Web announced that Google Chrome had overtaken Microsoft’s Internet Explorer as the Web’s most used browser, a position that IE had held since, well, way back in the last century. So it’s unfortunate that just last week it was revealed (yet again) that Chrome is not very protective of stored passwords. According to a story in the UK’s Telegraph newspaper, a security flaw in Google's Chrome browser allows anyone with access to a user's computer to see all of their stored passwords directly from the settings panel. Software...

Blog

Information Rights Management: Microsoft gives it a new push – just in time to succeed

Information Rights Management is the discipline within Information Security and IAM (Identity and Access Management) that allows protecting information right at the source: The single file. Files are encrypted and permissions for using the files are directly applied to the encrypted and packaged file. This allows protection of documents across their entire lifecycle: At rest, in motion, and in use. Other Information Security technologies might only protect files at rest. Classical file server security can enforce access rights. However, once a user has access, he can do with that file...

Blog

BMC: Reaching the next level - moving from IT to Business Service Management

Some days ago I had a briefing with BMC Software on their new MyIT offering. MyIT is a self-service approach that enables end users to request services. It focuses on the user experience and tries to close the gap between the IT-centric view of services and the view business users have. This aligns well with two areas of KuppingerCole research: One is the Future IT Paradigm by KuppingerCole, our definition of how we expect and recommend that IT organizations change in order to be able to deal with the changes in IT itself – the change from on-premise IT to hybrid models and an increasing...

Blog

Microsoft Surface RT: My experience

I’m aware that this is a somewhat tangential post, as there is no relationship to our KuppingerCole topic of Mobile Security, but clearly it fits into the theme of the Computing Troika, i.e. the changes in Business and IT due to the impact of Cloud, Mobile, and Social Computing. However, the main purpose is to share some of my experiences with the Microsoft Surface RT I’ve been using for quite a while now. I just upgraded to the Windows 8.1 Preview, which is a significant step forward for a simple reason: It includes Microsoft Outlook and I do not need to rely on either the Outlook Web App...

Blog

What happened recently in Security?

When looking at the recent security news, there is one predominant theme: The NSA surveillance disclosure by Edward Snowden. There is some more news, but little “breaking news”. We might count the news about the SIM card flaw, however this seems to be less severe in reality than it was reported at first. I will not comment much on the NSA issue. Both Dave Kearns and me here and here have touched on this topic. There are a lot of political discussions going on, with some accusing others of not telling the (whole) truth about what they knew. Interestingly, here in Germany the opposition is...

Blog

Definitely for attribution

We had a lively webinar last week on “The Future of Authentication and Authorization”. If you missed it, you can watch the replay. Essentially, what I was talking about was context aware Risk Based Access Control (RiskBAC). The day after the webinar, I got involved in a very lively Twitter chat with a handful of the Identirati/Identorati (some spell it one way, some the other, but it’s the collective term for those in the Identity business in one way or another) about attributes, Attribute Providers (APs), Identity Providers (IdPs) and Relying Parties (RPs). So how are these related?...

Executive View

Executive View: F5 Mobile App Manager - 70802

There are various approaches to tackle the BYOD challenge, from MDM (Mobile Device Management) to specialized, secure apps - for instance for email - virtualization approaches on mobile devices, and network security. However, despite the vendor promises there is no single solution that addresses all the challenges of Mobile Security Management. F5, a leading provider of what they call “Application Delivery Networking”, builds on a combined approach. The product named F5 Mobile App Manager (MAM) is a Cloud-based offering for mobile application and access management. F5 MAM...

Webcast

The Future of Authentication and Authorization

KuppingerCole Webinar recording

Blog

Access Intelligence: Evolution or Revolution?

Access Intelligence, sometimes also called Identity and Access Intelligence (IAI), is one of the hype topics in the Identity and Access Management (IAM) market. Some vendors try to position this as an entirely new market segment, while others understand this as part of Access Governance (or Identity and Access Governance, IAG). The first question is what defines IAI. From my perspective there are two major capabilities required to call a feature IAI: It must use advanced analytical techniques that allow for a flexible combination and analysis of complex, large sets of data. It must...

Executive View

Executive View: Joyent Cloud Services – Security and Assurance - 70636

Joyent offers a range of cloud services that are built on technology that Joyent has engineered rather than on generic virtualization technology. This is claimed to provide greater flexibility, resilience, and performance for cloud customers and their applications. This executive view provides an overview of these services focused on their security and assurance aspects.

Advisory Note

Advisory Note: Rating Methodology for Products and Vendors - 70555

KuppingerCole as an analyst company regularly does evaluations of products and vendors. The results are, amongst other types of publications and services, published in the KuppingerCole Product Reports and KuppingerCole Vendor Reports...

Blog

GEICO prepares to take IAM to new levels

GEICO, the third-largest private passenger auto insurer, serving more than 12 million private passenger customers, has selected the Open Identity Stack from ForgeRock to help it take IAM to the next level. The ForgeRock Open Identity Stack is a 100 percent open source identity stack to secure applications and services across clouds, SaaS, mobile, and enterprise systems. GEICO intends to use the stack to support the building of an online customer portal while providing a secure and modern experience for its customers. So what is the important thing to notice in this? Well firstly the...

Blog

How to mitigate risks of industrial espionage in Cloud Computing

Last week I did a webinar concerning the recent news about secret/intelligence services such as the NSA and their activities, e.g. PRISM and others. This is not really news, but the broad and intense public discussion about this is new. In that context, many organizations have raised the question of whether they can still rely on Cloud Computing or whether they would be better off stopping their Cloud initiatives. Businesses raise this question especially as regards the risk of industrial espionage in cloud space – something that is not proven, but appears to be a risk from the perspective...

Blog

Passwords: Identity’s last mile

At last week’s fourth annual Cloud Identity Summit (founded and curated by Ping Identity) people were still buzzing about the hornets’ nest we had stirred up a year earlier at the third summit when we baldly proclaimed “SAML is dead”. SAML, the Security Assertion Markup Language, is part and parcel of the Ping Identity federation products. For the last twelve months I’ve been inundated with examples (many from Ping employees) of how SAML is still being implemented today. Of course, as I noted at the time, the presentation was called “The Future of Authentication” and the context of the...

Blog

Fusion Engines

One of my favorite movies released in 2012 was Cloud Atlas. This is not necessarily an easy movie to watch or explain. That is not why I bring it up. In one of the film’s many timelines, there is a post-apocalyptic setting where civilization is very primitive. In this primitive civilization, the two main groups are an island’s main inhabitants—goat herders—and “Prescients” that are very advanced and seemingly from a different planet. Twice a year the goat herders and the prescients meet to barter and exchange information. The goat herders are extremely curious about the prescients...

Executive View

Executive View: CloudSigma – Security and Assurance - 70637

CloudSigma is a pure IaaS provider and the CloudSigma platform is built on the Linux KVM hypervisor. The CloudSigma platform provides a number of interesting features including persistent storage for each VM, disk encryption by default, and automatic redundancy and failover. This executive view provides an overview of the CloudSigma platform focused on its security and assurance aspects...

Webcast

PRISM: How Do I Effectively Protect My Company Against Industrial Espionage?

KuppingerCole Webinar recording

Executive View

Executive View: McAfee One Time Password - 70748

In April 2013 McAfee announced the addition of several products addressing Identity and Access Management to its Security Connected portfolio. The products that were previously developed and sold by Intel include McAfee Cloud Single Sign On and McAfee One Time Password. In addition to the products McAfee also introduced the new McAfee Identity Centre of Expertise, which is staffed with experts in identity and cloud security. That service will assist users with support pertaining to identity and access management issues, such as architecture requirements and best practices...

Blog

RSA acquires Aveksa: Will they redefine the IAM/IAG market?

Today RSA Security, a part of EMC [officially it’s “RSA, The Security Division of EMC”], has officially announced the acquisition of Aveksa, a company based in Waltham, MA. The deal closed on July 1st, 2013. Aveksa is a leading provider in the area of Identity and Access Governance (IAG), as depicted in our KuppingerCole Leadership Compass on Access Governance. Aveksa will continue to operate under the current leadership of its CEO Vick Viren Vaishnavi and will be part of the RSA Identity Trust Management business. Aveksa currently has approximately 175 employees. One might ask why RSA did...

Webinar

Sep 26, 2013: Authorization as a Calculated Risk

Access to corporate information often is based on binary, either/or propositions, without the context of an access request being taken into account. The level of assurance that the requesting person is who she claims to be is not determined, missing the opportunity of establishing a metric for the level of security of the connection. In the first part of this webinar, KuppingerCole Senior Analyst Dave Kearns, along with guests from Nok-Nok Labs and Certivox, will show you how going beyond passwords to a risk- and context-based authentication and authorization would help you to reach the...

Webcast

Cloud Assurance & Cloud Risk Awareness in the Light of PRISM

KuppingerCole Webinar recording

Executive View

Executive View: Salesforce Platform as a Service – Security and Assurance - 70751

Salesforce.com is best known as the provider of a cloud based CRM system.  Salesforce also provides a platform which can be used to develop and deploy cloud based applications.  This executive view provides an overview of this platform focused on the security and assurance aspects...

Blog

Do you need an Identity Officer?

I recently saw a query from a major international consumer goods company headquartered in Europe asking “…we have a Privacy Officer, but we are also looking into the possibility for an Identity Officer, someone who is knowledgeable about SSO, identity and so forth. Unfortunately we are fairly new to the entire identity sphere.” It was an interesting question, so I started a dialog with my colleagues at KuppingerCole to see if we could come to some agreement about the need for such a position. Martin Kuppinger voiced the thought many of us had when he said “Yet another ‘Chief whatever...

Blog

Oracle and Salesforce.com announce partnership

Oracle and Salesforce.com CEOs, Larry Ellison and Marc Benioff, hosted a briefing call on June 27th to announce a partnership between these two highly successful companies. What does this partnership cover and what does it mean? Salesforce.com is built on Oracle technology and so Salesforce is very dependent upon Oracle. Marc Benioff confirmed that Salesforce has confidence in the latest releases from Oracle including Oracle 12C database, Oracle Linux and Oracle Exadata. Larry Ellison announced that this partnership will ensure that there will be out of the box integration of...

Executive View

Executive View: Intel Expressway API Manager - 70642

With the Expressway API Manager, Intel is attempting to define a new category of platform. It refers to this new platform as a “Composite Platform” designed to expose APIs to business partners and internal or external developers. The Expressway API Manager platform has a strong set of API management capabilities including developer on-boarding and lifecycle management, integration, routing, data protection, mobile-middleware, and security. The platform consists of an on-premise gateway and SaaS developer portal. Both components are available directly from Intel. The SaaS...

Blog

What happened recently in Security?

The big topic clearly is what Edward Snowden unveiled: The PRISM program and some other nation-state activities on the Internet. In fact, this did not really come as a surprise. There have been discussions and rumors about such activities (and others) for many, many years. Maybe it helps driving forward risk- and information-centric security concepts and end-to-end-security instead of investing in point solutions. I will cover that topic in another blog post soon. Facebook again struggles with privacy However, besides PRISM etc. there have been various other security-related incidents and...

Executive View

Executive View: HP Virtual Private Cloud – Security and Assurance - 70739

The HP Virtual Private Cloud Service offering from HP Enterprise Services is one of the members of the HP Converged Cloud Strategy within the HP Managed Cloud Service Offering family.  This provides everything needed to run applications and to access them securely over a network.  This executive view provides an overview of these services focused on their security and assurance aspects...

Webinar

Jul 09, 2013: PRISM: How Do I Effectively Protect My Company Against Industrial Espionage?

The organized and systematic spying on private individuals and companies by state institutions is not new and is by no means limited to US institutions. But the latest revelations in connection with the PRISM project of the US security agency NSA have once again made us aware that such intrusions have made us more vulnerable and that the damage that can be done not infrequently reaches proportions that threaten an organization's existence. In this webinar, KuppingerCole founder Martin Kuppinger gives you recommendations on how to recognize your real dangers...

Webcast

European Identity & Cloud Awards 2013: Lifetime Achievement Award

This year, the “Lifetime Achievement” award has been presented again, and this time it went to Kim Cameron, who has greatly contributed to the Identity Management field with his “Seven Laws of Identity” and who continues to shape the IAM field with new ideas.

Webinar

Jul 23, 2013: The Future of Authentication and Authorization

Clearly, there is a trend towards approaches for strong, simple, and flexible authentication, beyond passwords. However, just talking about multi-factor authentication and password vaults is not sufficient. What organizations should evaluate are versatile authentication and, as the next and logical step, context- and risk-based authentication and authorization. That is the real trend. In this webinar, KuppingerCole Senior Analyst Dave Kearns will talk about the bigger picture on the future of authentication and authorization.

Blog

What do you mean by that?

One of my favorite passages from Lewis Carroll is the dialog in "Through the Looking Glass" between Alice and Humpty Dumpty: "There's glory for you!" "I don't know what you mean by 'glory,' " Alice said. Humpty Dumpty smiled contemptuously. "Of course you don't — till I tell you. I meant 'there's a nice knock-down argument for you!' " "But 'glory' doesn't mean 'a nice knock-down argument,' " Alice objected. "When I use a word," Humpty Dumpty said, in rather a scornful tone, "it means just what I choose it to mean — neither more nor less." "The question is," said Alice, "whether you can...

Webinar

Jul 03, 2013: Cloud Assurance & Cloud Risk Awareness in the Light of PRISM

With the recent unveiling of systematic and large-scale espionage activities conducted by US government agencies, the level of trust in cloud services run and controlled by third parties has reached a new low. Google, Facebook, Skype, Apple, Verizon and many other service providers did open their databases to the NSA and enabled them to search your mails and documents for information considered as valuable in whatever context. In this webinar, KuppingerCole's Senior Analyst Mike Small will give you an introduction on how to identify the key assurance challenges of the different kinds of Cloud...

Executive View

Executive View: Amazon Web Services – Security and Assurance - 70779

Amazon Web Services (AWS) provides computing infrastructure that enables organizations to obtain computing power, storage, and other on-demand services in the cloud. This executive view provides an overview of these services focused on their security and assurance aspects...

Executive View

Executive View: IBM Security Intelligence with Big Data - 70743

Detecting and managing covert attacks on IT systems is becoming a serious problem. Cyber criminals are using increasingly sophisticated techniques to infiltrate organizational IT systems to commit crimes including data theft, denial of service and blackmail. IBM Security Intelligence with Big Data is a set of products and services that are intended to respond to these challenges.

Blog

Is the cloud really a "honeypot" for PRISM?

Revelations in the last week around PRISM have shocked many and it is forcing many of us to re-evaluate our position towards providers of cloud services. I don't really believe that it comes as a shock to anyone, that various US Agencies have the ability, nor do I believe that anyone could have doubted that they are actively using that ability to intercept internet traffic and scan it for threats to National Security. What I find shocking is the possible extent of the monitoring and the way it has been done. To me at least an important question has to be asked in the wake of these...

Executive View

Executive View: Omada Identity Management Suite - 70783

Omada, a Danish vendor, started as a supplier of advanced Identity and Access Management capabilities in 2000. Today Omada has, in addition to its IAM capabilities, established itself as a vendor for IAG (Identity and Access Governance), providing compliance, overview and control across multiple platforms. Over the last decade the company has grown from providing IAM solutions through Microsoft’s FIM Synchronization Engine for customers primarily with a Microsoft and/or SAP infrastructure to where it is today, supporting role management, flexible workflow processes,...

Webcast

Marcel van Galen - Qiy Foundation's Infrastructure

Session at the European Identity & Cloud Conference 2013

May 16, 2013 17:00

Webcast

James Baker, William Lovegrove - Architecture and functionality of the "EIC App"

Session at the European Identity & Cloud Conference 2013

May 16, 2013 16:30

Webcast

Panel Discussion - From Risk to Value: The Future of Social Media and their Role as Catalysts in Enterprise IAM

Session at the European Identity & Cloud Conference 2013

May 16, 2013 15:30

Webcast

Nadya Onishchenko - Secure Communication Ecosystem as Part of the Life Management Infrastructure

Session at the European Identity & Cloud Conference 2013

May 16, 2013 15:00

Webcast

Mario Hoffmann - Roadmap to Life Management Platforms

Session at the European Identity & Cloud Conference 2013

May 16, 2013 14:30

Webcast

Mike Small - Top Ten Tips for Negotiating and Assuring Cloud Services

Session at the European Identity & Cloud Conference 2013

May 16, 2013 17:00

Webcast

Mark Evans - The Reason why RLB Moved to the Cloud

Session at the European Identity & Cloud Conference 2013

May 16, 2013 15:30

Webcast

Nikita Reva - Fast Tracking your Risk Strategy for the Cloud

Session at the European Identity & Cloud Conference 2013

May 16, 2013 15:00

Webcast

Wolfgang Schmidt - Compliance in Hybrid Clouds: Integrated Process Management Despite Regulatory Requirements?

Session at the European Identity & Cloud Conference 2013

May 16, 2013 14:30

Webcast

Dr. Karsten Kinast, LL.M. - Big Data – Small Privacy?

Session at the European Identity & Cloud Conference 2013

May 16, 2013 12:00

Webcast

Martin Kuppinger - Big Data done right: Smart Data. Why the API Economy and Life Management Platforms will drive Big Data to the next Level

Session at the European Identity & Cloud Conference 2013

May 16, 2013 11:00

Webcast

Prof. Dr. Sachar Paulus, Mike Small - Big Data: the Need, the Opportunities

Session at the European Identity & Cloud Conference 2013

May 16, 2013 10:30

Webcast

Mike Small - Information Stewardship: What does it mean for Big Data?

Session at the European Identity & Cloud Conference 2013

May 16, 2013 11:30

Webcast

Quo Vadis SAP?

KuppingerCole Webinar recording

Webcast

Marcel van Galen - Qiy Independent Trust Framework

Session at the European Identity & Cloud Conference 2013

May 15, 2013 15:30

Webcast

Jörg Heuer - The Wallet and Life Management

Session at the European Identity & Cloud Conference 2013

May 15, 2013 15:00

Webcast

OASIS Panel - ID Protocols: Out with the Old and in with the New?

Session at the European Identity & Cloud Conference 2013

May 15, 2013 14:00

Webcast

Panel Discussion - Next Generation Cloud and Mobile Identity Management

Session at the European Identity & Cloud Conference 2013

May 15, 2013 10:30

Webcast

Panel Discussion - EU's General Data Protection Regulation: 10 uneasy Truths for any Business

Session at the European Identity & Cloud Conference 2013

May 15, 2013 11:30

Webcast

Panel Discussion - Access Risk Management: Continuously Identifying and Tracking Access Risks

Session at the European Identity & Cloud Conference 2013

May 15, 2013 17:00

Webcast

Daniel Frei - Risk-based Access Management @Swiss Re

Session at the European Identity & Cloud Conference 2013

May 15, 2013 15:30

Webcast

Panel Discussion - Access Intelligence: The New Standard Feature of Access Governance?

Session at the European Identity & Cloud Conference 2013

May 15, 2013 15:00

Webcast

Ulrich Haumann - IAM Governance Outside IT

Session at the European Identity & Cloud Conference 2013

May 15, 2013 14:30

Webcast

Dr. Carsten Mielke - A Success Story Introducing User Access Management for an Energy Trading Company

Session at the European Identity & Cloud Conference 2013

May 15, 2013 14:00

Webcast

Panel Discussion - Access Governance: How to Govern all Access

Session at the European Identity & Cloud Conference 2013

May 15, 2013 12:00

Webcast

Martin Kuppinger - Redefining Access Governance: Going well beyond Recertification

Session at the European Identity & Cloud Conference 2013

May 15, 2013 11:30

Blog

IBM acquires SoftLayer

On June 24th, IBM announced that it is to acquire SoftLayer Technologies Inc. and at the same time announced the formation of a new Cloud Services division. Following the close of this acquisition the new division will combine SoftLayer with IBM SmartCloud into a global platform. So what is special about SoftLayer, why is this important and what does it mean? SoftLayer Technologies Inc., which was founded in 2005, has over 100,000 devices under management which makes it one of the largest privately held computing infrastructure providers in the world. SoftLayer has redefined the delivery...

Webcast

Prof. Dr. Sachar Paulus - Software Integrity and Active Defense: The Future of Information Security

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Prof. Dr. Kai Rannenberg - Can “App” Phones Help Users to Manage their Identity and Privacy?

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Ralf Knöringer - ONE Identity – Heaven or Hell? Do we need more than one “ME”?

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Peter Boyle - If Your Customers Don't Feel Safe, They Will Leave You

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

European Identity & Cloud Awards 2013

The European Identity Awards honor projects that promote the awareness for and business value of professional Identity Management and Cloud Security.

May 15, 2013 at Munich, Germany

Webcast

Craig Burton - Life Management Platforms Evolution

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Marcel van Galen - Life Management Platforms: Examples, Prototypes, Best Practices

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Doc Searls - The Internet of Me and My Things

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Dr. Karsten Kinast, LL.M. - Post-Privacy: Yet to come or has it already arrived?

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Prof. Dr. Reinhard Posch - European Cloud Partnership: Shaping a Competitive Strategy

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Jonathan Cogley - Don’t Let Password Mismanagement Land Your Company in News Headlines

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Peter Weierich - Consumer IAM: Business Drivers and Challenges

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Dr. Laurent Liscia - You can Shelve your Big Data Startup Plans if you don't have Privacy Covered: A Standards Perspective

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Kim Cameron - Tackling the Identity Explosion: Getting a grip on Customers and Partners

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Dr. Wojciech Wiewiórowski - Personal Data Protection and eID: Bringing two Reforms of EU Legislation to a Common Denominator

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Hila Meller - The Day After Tomorrow: Security Challenges of the Future

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Philip Lieberman - Securing Privileged Identities in the Real World: A Proposed Maturity Model of Competence and Capabilities

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Blog

The evidence is growing, passwords are dead

Whenever I talk about passwords these days, or rather the need to end the use of passwords, I really feel I should call myself Cassandra. In Greek mythology, Cassandra was the daughter of King Priam and Queen Hecuba of Troy. Her beauty caused Apollo to grant her the gift of prophecy. When Cassandra refused Apollo's attempted seduction, he placed a curse on her so that her predictions and those of all her descendants would not be believed. In the understanding of some modernists, Cassandra’s prophecies were flawed and incapable of coming true. But to the ancients (and in the sense I use it)...

Webcast

Alessandro Musumeci - Moving to the Cloud to Improve Customer Experience: Lessons Learnt

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Karl Markgraf - Compliance Driven Identity & Access Governance

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Pamela Dingle - Analog Identity

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Jackson Shaw - Mortality & Morbidity Findings for Identity Management

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Panel Discussion - The Future of IAM

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Martin Kuppinger - EIC 2013 Opening Keynote

Keynote at the European Identity & Cloud Conference 2013

May 14-17, 2013 at Munich, Germany

Webcast

Craig Burton - Life Management Platforms

Recorded during the European Identity & Cloud Conference 2013

Press Release

Analyst Company KuppingerCole releases new Reports

Wiesbaden, May 28, 2013 – As in previous years, KuppingerCole announced a variety of new Advisory Notes during KuppingerCole’s European Identity & Cloud Conference 2013, which took place in Munich, Germany. Besides various Reports about the winners of the European Identity & Cloud Award, which were presented during a festive ceremony at EIC 2013, KuppingerCole also publishes the following Reports.

Press Release

Analyst Group KuppingerCole publishes new Reports

Wiesbaden, May 28, 2013 – As in previous years, KuppingerCole presented a large number of new reports at the annual European Identity & Cloud Conference 2013. These include, among others, descriptive reports on the outstanding projects that were honored with a European Identity & Cloud Award during a festive ceremony at EIC 2013.

Press Release

Analyst Group KuppingerCole publishes Advisory Note "Maturity Level Matrixes for Identity and Access Management/Governance"

Wiesbaden, May 24, 2013 – KuppingerCole now offers a standardized approach for assessing the maturity level of implemented IT solutions. This covers both the business and the IT perspective and provides focused guidance for decisions about future IT spending.

Press Release

KuppingerCole just published the advisory note "Maturity Level Matrixes for Identity and Access Management/Governance"

Wiesbaden, May 24, 2013 – KuppingerCole offers a standard approach to rating the status of current IT programs from both the Business and IT perspective and providing focused advice for further IT spending.

Blog

The Cloud Blossoms in Europe

A recent report commissioned by CA Technologies Inc. looks at the growth of the use of cloud services and the evolving attitudes to the security of these. This report shows some interesting findings. For instance: Europe is catching up with the US, with “38% of the European respondents using cloud for two to three years.” As compared with “55% of the companies in the US have been in the cloud for three or more years”. This finding is confirmed by the recent announcement by salesforce.com that they have signed an agreement to establish a European data centre in the UK in 2014. According...

Executive View

European Identity & Cloud Award 2013: EVRY AS - 70777

KuppingerCole has bestowed the KuppingerCole European Identity Awards since 2008 in recognition of excellent projects in the area of Identity and Access Management (IAM), GRC (Governance, Risk Management, and Compliance), and Cloud Security. This report gives a brief overview of the project performed at EVRY ASA, a leading IT system integrator and service provider based in Norway. The BIFROST Cloud Security platform provides a complete service offering in the IAM/IAG (Identity and Access Management/Governance) space. It covers four areas of security: Access Management, Identity...

Press Release

KuppingerCole introduced CIO GPS

Wiesbaden, May 22, 2013 – During the Opening Keynote at KuppingerCole’s European Identity & Cloud Conference 2013, which took place in Munich last week, Martin Kuppinger introduced KuppingerCole’s CIO GPS (GPS stands for Governance/Privacy and Data Protection/Security). The CIO GPS shows the nine areas CIOs should focus on for IT Spend Optimization, Business/IT Alignment, and Strategic Procurement, when looking at GRC (Governance, Risk Management, Compliance) and Information Security and provides orientation for CIOs and their teams on finding their way through...

Press Release

Newly Introduced Program CIO GPS

Wiesbaden, May 22, 2013 – In the opening keynote of the European Identity & Cloud Conference 2013 hosted by KuppingerCole, which took place in Munich last week, Martin Kuppinger, founder and Principal Analyst of the analyst firm, presented its newly introduced program CIO GPS (GPS stands for Governance/Privacy and Data Protection/Security). The CIO GPS defines and shows the nine areas on which CIOs should focus when it comes to optimizing IT spending, Business/IT alignment and strategic...

Executive View

Executive View: McAfee Cloud Single Sign On - 70746

In April 2013 McAfee announced the addition of Identity and Access Management solutions to its Security Connected portfolio. The products that were previously developed and sold by Intel include McAfee Cloud Single Sign On and McAfee One Time Password. In addition to the products McAfee also introduced the new McAfee Identity Center of Expertise, staffed with experts in identity and cloud security. That free service will assist users with support pertaining to identity and access management issues, such as architecture requirements and best practices...

Blog

Passwords, Authentication’s Zombies

Another European Identity (and Cloud) Conference has come and gone, and once again it was an exciting week with packed session rooms, and excellent attendance at the evening events. I’m not sure we can continue to call it the “European” Id Conference, though, as I met folks from Australia, New Zealand, Japan, South Africa and all over north and south America. And lots of Europeans, also, I should note. Nor were the attendees content to sit back and soak it all in. At least in the sessions I conducted there was a great deal of give and take between the audience and the speakers and...

Executive View

Executive View: Beta Systems Garancy Access Intelligence Manager - 70784

With the Garancy Access Intelligence Manager, Beta Systems AG has brought to market a new, specialized solution for analyzing access entitlements. As the product name indicates, it is a solution for “Access Intelligence”, a sub-area of IAG (Identity and Access Governance). Access Governance solutions usually already offer integrated reporting functions for analyzing the information collected about access entitlements in target systems. The same also applies to Identity...

Press Release

European Identity & Cloud Awards 2013

Wiesbaden, May 16, 2013 – The European Identity & Cloud Awards 2013 were presented last night by the analyst group KuppingerCole at the seventh European Identity & Cloud Conference. This award is honoring outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security.

Press Release

European Identity & Cloud Awards 2013

Wiesbaden, May 16, 2013 – Last night, the analyst group KuppingerCole presented the European Identity & Cloud Award 2013 in various categories at the seventh European Identity & Cloud Conference (EIC). This award honors outstanding projects and initiatives in the areas of Identity & Access Management (IAM), GRC (Governance, Risk Management and Compliance), and Cloud Security.

Press Release

KuppingerCole’s Identity & Cloud Conference (EIC) 2013 began yesterday in Munich

Wiesbaden, May 15, 2013 - KuppingerCole’s Identity & Cloud Conference (EIC) 2013 began yesterday in Munich; it has developed into the leading event for the topics of Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security in Europe and beyond. For the seventh time, KuppingerCole is bringing together virtually all renowned vendors in these areas, numerous end users, thought leaders, visionaries and analysts under one roof.

Press Release

KuppingerCole's European Identity & Cloud Conference 2013 opened yesterday in Munich, Germany

Wiesbaden, May 15, 2013 – KuppingerCole’s European Identity & Cloud Conference 2013, Europe’s leading event for such topics as Identity and Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security, opened yesterday in Munich, Germany. For the seventh time KuppingerCole has brought together most leading vendors, numerous end users, thought leaders, visionaries and analysts.

Executive View

European Identity & Cloud Award 2013: OAuth 2.0 - 70778

European Identity Award 2013 for “Best Innovation/New Standard in Information Security”: A new standard that rapidly gained momentum and plays a central role for future concepts of Identity Federation and Cloud Security.

Executive View

European Identity & Cloud Award 2013: Volkswagen Financial Services AG - 70775

Special Award 2013 for “Bridging the organizational gap between Business and IT”: A project that was far above average when it comes to Business/IT Alignment, by successfully setting up a framework of guidelines and policies plus the required organizational entities and rolling this out into a global organization.

Executive View

European Identity & Cloud Award 2013: Swiss Reinsurance Company Ltd - 70774

European Identity Award 2013 in category “Best Access Governance and Intelligence Project”: Holistic IAM/IAG approach following new architectural concepts and enabling Dynamic Authorization Management based on business rules.

Executive View

European Identity & Cloud Award 2013: Schindler Informatik AG - 70771

Special Award 2013 for “Rapid Re-Design and Re-Implementation of the Entire IAM”: Moving from a traditional, Active Directory-centric environment to full HR integration on a global scale and full support for automated provisioning, based on a clearly defined roadmap for further improvement.

Executive View

European Identity & Cloud Award 2013: Deutsche Bank AG - 70772

European Identity Award 2013 in category “Best Access Governance and Intelligence Project”: Implementing cross-divisional SoD rules on a global scale at business level, with full integration into the existing Access Governance solution.

Blog

European Identity & Cloud Awards 2013

The European Identity & Cloud Awards 2013 were presented tonight by the analyst group KuppingerCole at the seventh European Identity & Cloud Conference. This award is honoring outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), and Cloud Security. Numerous projects have been nominated by vendors and end-user companies during the last 12 months. Winners have been chosen by KuppingerCole analysts among the most outstanding examples of applications and ideas in the areas of IAM, GRC, and Cloud security. Additionally,...

Press Release

New KuppingerCole Analysts

Wiesbaden, 14th May 2013 - Peter Cummings, a high-class Identity & Access Management Specialist, and Rob Newby, renowned as top-level expert for Governance, Risk Management and Compliance, have joined analyst company KuppingerCole as Senior Analysts.

Press Release

Peter Cummings and Rob Newby become Analysts at KuppingerCole

Wiesbaden, May 14, 2013 - The KuppingerCole analyst team is joined, effective immediately, by Peter Cummings, a high-caliber Identity & Access Management specialist, and Rob Newby, known as an expert in Governance, Risk Management and Compliance. Both will work as Senior Analysts for KuppingerCole.

Advisory Note

Advisory Note: From Big Data to Smart Information - 70750

Big Data is characterized by three properties: there is now an enormous quantity of data which exists in a wide variety of forms and is being generated very quickly. However, the term “Big Data” is as much a reflection of the limitations of the current technology as it is a statement on the quantity, speed or variety of data. The term Big Data needs to be understood as data which has greater quantity, variety or speed than can be comfortably processed using the technology that you already have. Big Data comes from a number of sources both internal and external. Many...

Executive View

Executive View: Big Data and Information Stewardship - 70744

Big Data provides many opportunities to solve emerging business challenges and Big Data technologies can create business value. However Big Data also creates security challenges that need to be considered by organizations adopting or using Big Data techniques and technologies. This paper outlines the information security risks involved in Big Data and recommends the responses to these based on the concepts of information stewardship and information centric security...

Advisory Note

Advisory Note: Life Management Platforms: Control and Privacy for Personal Data - 70745

Turning the Internet upside down and making privacy a fundamental layer of any networked interaction in the post Google & Facebook era. How the individuals will gain control. How social networks will have to adapt their business models. How privacy will return...

Advisory Note

Advisory Note: Top Trends 2013-2014 IAM/IAG, Cloud, Privacy - 70782

As in the past years, KuppingerCole has worked out the Top Trends in IAM/IAG (Identity and Access Management/Governance), Cloud Computing, and Information Protection and Privacy. The most important trends are the massive increase in demand for support of the “Extended Enterprise” in IAM/IAG, the cloud stratification in various layers, increasing threats imposed by the rise of cybercrime, and the emergence of Life Management Platforms. In the following sections, we name the five top trends for each area...

Advisory Note

Advisory Note: Typical Risks and Pitfalls for IAM and IAG projects - 70749

Identity and Access Management (IAM) is a holistic approach to managing identities (both internal and external) and their access within an organisational framework. The key benefit to the business should be to enable people to do their jobs more effectively. If deployed correctly, IAM can help achieve this in a multitude of different ways for different departments and roles within them; internal staff and external partners and customers. However, this also makes it a complex issue which touches every part of the organization in different ways. Knowing the structure of an IAM programme...

Blog

Another dead body in IT? Or is XACML still alive?

Since my colleague Craig Burton has declared that SAML is dead, it seems to be in vogue among analysts to take the role of the public medical officer and to diagnose the death of standards or even IAM (Identity and Access Management) in general. Admittedly, the latter case was not about diagnosing the death but proposing to kill IAM, but that does not change much. The newest in this series of dead bodies is XACML, according to another Industry Analyst. So we are surrounded by dead corpses now, or maybe by living zombies. But is that really true? My colleague Craig Burton titled his blog –...

Advisory Note

Advisory Note: Selecting your cloud provider - 70742

The ready availability of cloud services has made it easy for employees and associates to obtain and use these services without consideration of the potential impact on the organization. Therefore, in order to ensure good governance over the use of cloud services, it is imperative that organizations create and communicate a policy for their acquisition and use. This should be supported by a simple, fast and reliable risk-based process for cloud service procurement and complemented by providing appropriate training to employees and associates. When acquiring a cloud service it is important...

Advisory Note

Advisory Note: Maturity Level Matrixes for Identity and Access - 70738

Most large organizations and a significant number of medium-sized organizations have heavily invested in IAM (Identity and Access Management) and IAG (Identity and Access Governance) during the past few years. Some projects went well; others did not deliver as expected. But even organizations that run successful IAM/IAG projects are challenged by new evolutions, such as the increasing relevance of the “Computing Troika” of Cloud Computing, Mobile Computing, and Social Computing and continually increasing regulatory pressure...

Webcast

The Common Credentials Dilemma - How to Get a Grip on Password Sprawl for Privileged Accounts

KuppingerCole Webinar recording

Blog

When three As are better than four

For years we’ve spoken about the 4 “A”s of identity & security - Administration, Authentication, Authorization, and Audit, but maybe it’s time to drop an “A”. Maybe it’s time to speak of “Access Control” which encompasses Authentication (sometimes referred to as “AuthN”) and Authorization (referred to as “authZ”). In many instances authorization is binary and tied directly to authentication – if a person is authenticated, then they get access to a resource. The authorization is tied only to the authenticated entity. Consider building security, for example – swipe your proximity card...

Press Release

KuppingerCole’s European Identity and Cloud Conference 2013

Wiesbaden, May 6, 2013 - From May 14 to 17, 2013, the English-language European Identity and Cloud Conference (EIC) 2013 takes place in Munich. For the 7th time, KuppingerCole opens its doors to more than 550 participants from over 20 countries. All major vendors in the areas of Identity & Access Governance, Cloud Computing and GRC are represented in the event's exhibition area. With a list of high-caliber speakers and a unique mix of best-practice presentations, panel discussions, Thought...

Webinar

May 10, 2013: The Common Credentials Dilemma – how to get a grip on password sprawl for privileged accounts

A lot of organizations still have not mitigated one of the most severe IT security risks: Password sprawl for privileged accounts. Privileged accounts are accounts that have elevated privileges. They can be both personal, such as business users with high-level privileges, and shared, such as administrator, dba, or root – not to speak of all the admin accounts of network equipment etc. Unfortunately, a large portion of accounts with highly elevated privileges is shared. To manage these accounts, to avoid password sprawl, and to in consequence mitigate risks, both guidelines and technologies...

Blog

The FIDO Alliance – game changer for Internet Security?

Last week, Google announced that it has joined the FIDO Alliance. FIDO stands for Fast Identity Online. The alliance was formed in July 2012. The mission is to change the nature of online authentication by providing interoperability among strong authentication devices. The alliance is working on specifications for an open, scalable, interoperable set of mechanisms that allow secure authentication of users to online services without the need for passwords for each of these services. It wishes to become a standard that allows using both existing and future strong authentication devices (those...

Product Report

Product Report: Beta Systems Software AG SAM Enterprise Identity Manager - 70274

SAM Enterprise Identity Manager from Beta Systems Software AG (Beta Systems) belongs to the category of enterprise provisioning systems with integrated access governance functions. Its core function is to reconcile identity information among different access control systems based on defined processes and connectors in a structured, automated and traceable manner. It also supports common provisioning features such as the implementation of workflows for request and approval procedures, user self service, delegated administration and password management. The solution further provides auditing...

Product Report

Product Report: Microsoft FIM 2010 R2 - 70106

In 1999 Microsoft entered the Identity and Access Management space with the introduction of Active Directory in Windows NT and the purchase of Zoomit Via which was renamed to Microsoft Metadirectory Server (MMS). MMS was eventually retired and Microsoft re-wrote the system from the ground up and named it Microsoft Identity Integration Server 2003 (MIIS) with one of the major changes being the support of the .NET framework. In 2007 MIIS was combined with the Certificate Lifecycle Manager (CLM) component which manages X.509 certificates and smart cards; the combined product was called Microsoft...

Webcast

User and Entitlement Management Made Easy for Mid-Sized Businesses

KuppingerCole Webinar recording

Blog

Smarter Security Spending

On Thursday, I was moderating a panel discussion at infosecurity Europe (InfoSec), the leading UK security fair, which hosts a program of keynotes and panel discussions. My panel was titled “Smarter security spending: Optimising spend without exposing the business”. Panelists were Dragan Pendić, Chief Security Architect, Global Information Management and Security, at Diageo; Michelle Tolmay, Security Officer, ASOS; Cal Judge, Information Security Head, Oxfam; and Graham McKay, CISO, DC Thomson. We had a very interesting, well-attended session with some interesting questions during the Q+A...

Blog

What happened recently in Security?

The number one issue in the past weeks is the LivingSocial hack, where attackers reportedly have stolen massive amounts of personal data, including names, eMail addresses, birthdates, and encrypted passwords. LivingSocial has confirmed an attack, but not the reported number of 50 million stolen data sets – which would be the vast majority of all LivingSocial users. However, there still is relatively little information about the details. It is still unclear whether all non-Asian accounts are actually affected. (LivingSocial holds the Asian accounts on another server.) It is not publicly...

Product Report

Product Report: Qiy Independent Trust Framework - 70640

The ongoing trend of IT consumerization driven by growing adoption of mobile, social and cloud computing has made a profound impact on our society. It has brought many new challenges for both consumers and businesses, which are now struggling to adapt to the new demands for storing, sharing, and processing sensitive digital information and to comply with increasingly harsh privacy-related regulations. An emerging revolutionary trend that is turning the Internet upside down and making privacy a fundamental layer of any network interaction is the Life Management Platform. Life Management...

Executive View

Executive View: ServiceMesh Agility Platform - 70639

ServiceMesh is a company out of Santa Monica, CA that fields a platform in the category of Enterprise Cloud Management, and places a heavy emphasis on policy-based cloud governance. This is a relatively new category and in particular the focus on “Enterprise Cloud Governance” needs some explaining. KuppingerCole agrees with the interpretation ServiceMesh uses for Governance in the classic sense of IT Governance. IT Governance is the discipline of focusing on IT systems and their performance and risk management. Much of the increased interest in IT Governance is attributed to...

Vendor Report

Vendor Report: Atos DirX - 70741

Atos is one of the largest IT Service Providers worldwide, with more than 70.000 employees and global reach. Following the acquisition of Siemens IT Solutions and Services (SIS), the company changed its name from Atos Origin to just Atos. The company is listed on the Paris Stock Exchange. This vendor report focuses on a specific part of the Atos portfolio, the DirX products. These are part of the Systems Integration division at Atos and within that division grouped into the solution area Identity, Security and Risk Management. While Atos primarily acts as solution provider with a set of...

Webcast

Bridging (the gap between) Access Governance and Privileged User Management… and they lived happily ever after!

KuppingerCole Webinar recording

Blog

More Consolidation for the API Economy

CA Technologies acquires Layer 7, MuleSoft acquires Programmable Web, 3Scale gets funding: It is clear that the API Economy is kicking into gear in a big way. Last week, Intel announced its acquisition of Mashery, this week, CA Technologies announced its acquisition of Layer7, MuleSoft announced its acquisition of ProgrammableWeb and 3Scale closed a round of funding for 4.2M. Money is flooding into the API Economy as the importance of APIs only heightens. Expect this trend to continue. The upside of this flurry of activity is the focus being given to the API Economy. But here is my...

Blog

More Unsmart Infrastructures

In my last post I mentioned the motor driven door locks I have at my home. A frequent question I get from friends visiting me is whether that door lock system, which works with PIN codes, RFID, remote controls and over the Internet, is connected to the KNX/EIB bus system I also have in my house to control lights, shutters, air circulation, music and some other features. And the answer is no. Because, no joke, EIB/KNX, which seems to be the most widespread "standard" for home automation, does not provide any security feature. No encryption, no authentication. If you get access to the 2 wires of a...

Blog

Unsmart Infrastructures

My colleague Martin Kuppinger recently (and quite a while ago) has posted some critical articles on smart infrastructures in his blog. Yes, security is a big issue there. However, it is not only about security in these more or (in most cases) less smart infrastructures. It is also about making these infrastructures work at all and, last but not least, feasible for a large audience. In my home, which is a so-called passive house (well insulated, large, south bound windows for passive solar heating, saving 98.5% of heating energy compared to a standard building...) I have a smart meter. I have...

Blog

Consumers, credentials and context

Larry Ponemon, of the Ponemon Institute, is well known for excellent surveys about technology issues. And Larry didn’t disappoint when he recently released “Moving Beyond Passwords: Consumer Attitudes on Online Authentication, A Study of US, UK and German Consumers” (warning: pdf file). In summary, the report of the survey concludes: “The majority of consumers would use a multi-purpose identity credential to verify who they are before providing secure access to data, systems and physical locations. Banking institutions are considered the best for online validation and strong...

Blog

Intel Announces Mashery Acquisition

From partnership to acquisition: Let there be no confusion. Intel is a hardware company. It makes microchips. This is its core business. History shows that companies do best when they stick to their roots. There are exceptions. At the same time, Intel has always dabbled in software at some level. Mostly in products that support the chip architecture. Compilers, development tools and debuggers. From time to time, however, Intel ventures into the software business with more serious intentions. Back in 1991, Intel acquired LAN Systems in an attempt to get more serious into the LAN utility...

Blog

The Dark Side of Cloud Computing

When things go bad, it goes really bad: At KuppingerCole we use Office365 extensively to manage our documents and keep track of document development and distribution. On April 9, 2013, Microsoft released a normal sized Tuesday update to Windows and Office products. The only thing is, this time the update completely broke the functionality of Office 365 and Office 2013. Trying to open a document stored in SharePoint would result in a recursive dialogue box asking for you to authenticate to the SharePoint server. Same thing would happen when trying to upload a document. Excel and PowerPoint...

Blog

When are technologies really disruptive?

A few days ago I read an article about “disruptive technologies” in the (glossy) customer magazine of a large system integrator. The article mentioned technologies such as Big Data, Cloud Computing, or Mobile Computing. But are these technologies really disruptive? The definition of “disruptive innovation” in Wikipedia is as follows: A disruptive innovation is an innovation that helps create a new market and value network, and eventually goes on to disrupt an existing market and value network (over a few years or decades), displacing an earlier technology. The term is used in business and...

Blog

Another Case for IDMaaS

Identity Management is a universal problem: When I pay my electric bill I usually just call the power company and give them my credit card. This month I decided that I should go set up auto payments on the web site and be done with it. So I opened the power company web site and attempted to login. Clearly the site recognized me, the login name I usually use was being recognized, but I just could not remember my password. I tried all of the normal passwords I use and none of them were working. So I attempted to retrieve my password, it gave me an option of having the password reset sent to...

Blog

Kill the heating – how smart infrastructures will not work at all

This week, I read an article (in German) about a severe security bug in heating systems provided by Vaillant, one of the larger manufacturers in that space. The issue was found in so-called “nano block heating systems” that are made for detached houses and duplex houses. The entities have an IP-Interface that allows both the service technicians of the vendor and the owner of the heating system to remotely manage the device. However, a security bug allows pretty much anyone to easily access, in clear text, the passwords of the owner, the technician (expert), and even the developer. In other...

Webcast

Rapidly Evolving Identity & Access Management to Meet Today's B2C & Cloud Challenges

KuppingerCole Webinar recording

Whitepaper

Whitepaper: Information Classification: Information Stewardship in Practice - 70740

Information stewardship uses good governance techniques to implement information centric security for all of your data. Information Stewardship involves the business as well as the IT services group. It creates a culture where the people in the organization understand the sensitivity of information and the ways in which this information can be put at risk. A key concept within Information stewardship is that it “creates a culture where the people in the organization understand the sensitivity of information”. Such culture in consequence means that people feel responsible...

Webinar

Apr 23, 2013: Bridging (the gap between) Access Governance and Privileged User Management … and they lived happily ever after!

Access Governance (modeling a desired state, then detecting and remediating risks deriving from any deviation from such a model) and Privileged User Management (controlling the activity of the SysAdmins, operating at the system level) have been historically taught as a single mantra within Identity Management lectures, but ultimately treated as different technologies and implementation projects.

Webcast

European Identity & Cloud Conference 2013 Preview

KuppingerCole Webinar recording

Blog

Just the fact(or)s, ma’am

2FA, it’s an abbreviation (word? acronym?) I see a lot these days. But it’s not, as I first thought, teenage texting slang (“OMG, that’s 2FA!”) for “too freakin’ amazing”. No, it’s a shortened version of “two factor authentication” which has been a hot topic and buzzword since Google announced it (although they call it “two step verification”) after the now infamous case of hacking which struck Wired magazine’s Mat Honan (see “The Honan Hack and the BYOI meme”) last summer. Suddenly everyone is writing about 2FA. Of course, they rarely mention that two weak factors can be worse than one...

Advisory Note

Advisory Note: Privilege Management - 70736

Privilege Management - which, in the KuppingerCole nomenclature, also is called PxM for Privileged Access/Account/Identity/User Management - is the term used for technologies which help to audit and limit elevated rights and what can be done with shared accounts. During the last few years, PxM has become increasingly popular. Some vendors have enhanced their offerings significantly, while acquisitions have also led to vendors providing broader offerings, moving from niche players to market leaders. The reason for that growth is the increasing demand in the market. PxM is on its way out...

Blog

What happened recently in Security?

During the past few days, there have been at least two notable events in security. One was the attack on South Korean banks and TV networks. The other was the “Spamhaus incident”. I will talk about these two more in detail further down that post. Besides that, it was interesting to observe that iOS and OS X seem to become increasingly the malware targets of choice. That is not surprising, however, since there are masses of iOS and OS X devices out there. Thus, the platform is far more attractive than in the past. Combined with the fact that Apple’s patch policy still is not convincing, this...

Blog

Do we really want an unsecured connected vehicle?

I read an interesting article about the future of vehicles and their connectivity in the Geo magazine, sort of the German counterpart to the National Geographic magazine. The article was quite interesting; however, I did not find anything about security. This is not a new experience: most of the articles and discussions about the concept of connected vehicles and their integration into the smart grid (plus all the discussions about smart grids and smart infrastructures) still are security-agnostic. Do we really want to drive unsecured connected vehicles? Do we really want to live in a...

Blog

Information Stewardship and BYOD news for you

Two documents crossed my desk this week – a survey and a “planning guide” – which fit nicely with two recent papers from KuppingerCole, illustrating a need and (unknowingly) confirming our conclusions. The first is about the current buzzword acronym BYOD (for “Bring Your Own Device”) which my colleague Martin Kuppinger just released an advisory note about (“today it’s almost exclusively mobile devices - smartphones, tablets, ‘phablets,’ etc. - that are referred to with BYOD: a focus that is too narrow...”) but which appears to be with us at least for the near term.  The new piece is a...

Blog

How to license Identity and Access Management software?

Recently I had some conversations with both vendors and customers about licensing models for IAM (Identity and Access Management) software. Historically, most licensing models were (and still are) based on the number of users, typically “named” users (rather than “concurrent” users). License models based on the number of concurrent users are rather unusual for IAM. Nowadays, I observe some shift towards models that are based on the number of connections or even processor-based. The number of connections is a metric that shows up in federation products, where the connection typically is...

Webcast

Extending Data Governance Beyond the Database

KuppingerCole Webinar recording

Press Release

New KuppingerCole Leadership Compass Access Governance: Who Are the Market Leaders in the Access Governance Market?

Wiesbaden, March 21, 2013 - Overview and decision aid in one: the KuppingerCole Leadership Compass provides a comprehensive overview of the vendors of Access Governance solutions available on the market. Access Governance is one of the fastest-growing segments of the IAM (Identity and Access Management) market. While there were only a handful of vendors in this area just a few years ago, nearly 20 vendors offer software products for Access Governance these days.

Webinar

Apr 26, 2013: User and Entitlement Management Made Easy for Mid-Sized Businesses

User and entitlement management is a topic for companies of every size. While large enterprises have usually long since made the move to a central infrastructure for IAM (Identity and Access Management), the situation in mid-sized businesses is often still marked by the lack of an overall solution. Systems such as Active Directory, SAP, production systems and other important business systems are managed independently of one another. The risk to information is correspondingly high – especially to intellectual property, company knowledge,...

Webcast

Protecting Information in an Unstructured World

KuppingerCole Webinar recording

Blog

Looking at vendors from various angles – KuppingerCole Leadership Compass

Having published our second KuppingerCole Leadership Compass (on Access Governance) some ten days ago – with many others in the pipeline – I want to look at a blog post Michael Rasmussen, a former Forrester analyst and now an independent GRC expert, published in October 2012. I do not want to comment on the Gartner Magic Quadrant and MarketScope or the Forrester Wave. I also do not fully share the opinion of Michael Rasmussen on these. His major complaint is that documents like the ones mentioned tend to be too mono-dimensional for the needs of the customer. From my perspective, there is a...

Blog

What happened recently in Security?

When looking through the security related news of the past two weeks, there is very little that is surprising. Again, the usual topics such as discussions about whom to accuse of cyber-attacks and about newly found attack vectors have led to a series of news articles. There also have been ongoing discussions around privacy. However, as I have said and stated in my previous security blog post: Most topics remain the same. Some weeks it is about routers, this time reports about security weaknesses in connected HP printers and some other routers (TP-Link) spread the news. However, there have...

Blog

The Façade Proxy

Securing BYOD: With the rapidly emerging cloud-mobile-social Troika coupled with the API Economy, there are so many questions about how to design systems that can allow application access to internal information and resources via APIs that will not compromise the integrity of enterprise assets. And on the other hand, how do we prevent inappropriate personal information from propagating inappropriately as personal data stores and information is processed and accessed? Indeed, I have read so many articles lately that predict utter catastrophe from the inevitable smart phone and tablet...

Advisory Note

Advisory Note: BYOD - Bring Your Own Device - 71003

Bring Your Own Device (or “BYOD” for short) may seem like the latest hype, but in fact it isn’t really all that new. Employees have been bringing their smartphones or iPads to work for quite some time now, mostly with their employers’ explicit (or at least implicit) consent. And ever since, IT departments have been worrying about losing control and how to halt the spread of privately owned mobile devices. You could even argue that BYOD started back in the early days of the PC, when the first “own” devices came into play and when IT departments started...

Webcast

SAP Identity Management and GRC: Together Instead of Side by Side!

KuppingerCole Webinar recording

Webinar

Apr 09, 2013: European Identity & Cloud Conference 2013 Preview

The European Identity & Cloud Conference (EIC) 2013 once again will be Europe's most important event exploring the future of information technology. Join us in this webinar for a comprehensive preview on this year's key topics and speakers.

Webinar

Apr 16, 2013: Rapidly Evolving Identity & Access Management to Meet Today's B2C & Cloud Challenges

The world of Identity and Access Management is growing in scope, and must change and adapt faster than ever before. CIOs are under pressure to shift from employee-centric IAM to consumer-facing IAM that drives top-line revenue. As a result, they are quickly learning that legacy enterprise IAM solutions are not designed to solve today's web challenges (enterprise, cloud, social, mobile).

Webcast

European Identity & Cloud Conference 2013 - Agenda Preview

KuppingerCole Webinar recording

Blog

The future of healthcare

Recently the Massachusetts Institute of Technology (MIT) held a conference on the “Future of Health and Wellness.” One of the major takeaways from the conference (according to CIO magazine) was “6 Innovations That Will Change Healthcare.” These are: Reality Mining: Using Data to Influence Healthy Behavior; Social Networking: For Best Results, Group Like-Minded People; Usability: Give Users Something Familiar; Home Care: Make It Easy, Involve Everyone; Emotion Sensors: For the Willing, Anything Can Be Monitored; Wellness Counseling: Sometimes, People Like Talking to Computers. That’s...

Webcast

BYOD, Social Networking, Cloud - Secure and Predictable

KuppingerCole Webinar recording

Leadership Compass

Leadership Compass: Access Governance - 70735

Access Governance is as of now the fastest growing market segment in the broader IAM (Identity and Access Management) market. Some vendors also use the term IAG (Identity and Access Governance). Another recent term is Access Intelligence (or Identity and Access Intelligence). While a few vendors try to establish this as a new market segment, we understand enhanced analytical capabilities just as an important feature within Access Governance. A few years ago, there were only a handful of vendors in the Access Governance market. The large players acquired some vendors, others entered...

Blog

CeBIT – Shareconomy without connectivity?

Yesterday I spent a day at the CeBIT fair, still the world’s largest IT fair. Besides the many interesting meetings I had previously scheduled, I started thinking about the CeBIT “Leitthema” – their “claim of the year”. This year it has been “Shareconomy”. I still do not know what this term shall mean. There is some fuzzy description at the CeBIT homepage, but in contrast to topics like “Cloud” and “Managing Trust” in 2011 and 2012 respectively, Shareconomy – described as “sharing and using information, resources and experience based on new forms of collaboration” – is a very amorphous...

Blog

Why we need Dynamic Authorization Management

One of the topics I’ve been evangelizing for years is Dynamic Authorization Management. Dynamic Authorization Management is about externalizing authorization decisions outside of applications. It is about using an “application security infrastructure” which performs the authorization decisions (and manages other aspects of security like authentication, the administration of users etc.). It is about relying on security services instead of implementing security in every application. Dynamic Authorization Management is often associated with XACML (eXtensible Access Control Markup Language)....

Blog

What happened recently in Security?

When I started writing this series of blog posts recently I thought that I would have sufficient material for a weekly post. However, when looking consistently at the security news of various sources it becomes obvious that there are a few recurring topics: new (and old) waves of attacks and new and old types of malware; new exploits – the target of choice differs, the topic always remains the same; discussions about privacy; vendors with inappropriate security patch policies. Yes, sometimes there are interesting announcements from vendors. However, besides the new big data approaches...

Blog

Do we need to kill IAM to save it?

Last week I received a newsletter from Radiant Logic, a vendor of Virtual Directory Services and some other IAM stuff like Federation Services. This newsletter pointed to a video of a presentation of Gartner analyst Ian Glazer titled “Killing Identity Management in Order to Save it,” which had been published on February 7th, 2013. In this video he spends a lot of time talking about some topics like: IAM is too static and typically HR driven; IAM is not focused on providing services and integrating with business applications; IAM is based on LDAP (and CSV) and other hierarchical...

Product Report

Product Report: Layer 7 Technologies - 70627

The emerging API Economy is presenting significant challenges to all industry participants. When coupled with the Computing Troika—Cloud, Mobile, and Social computing—the API Economy is bringing about change in strategy requirements that have not ever been presented to organizations before. For example, the sheer number and nature of personas and identities and the need to give access to internal information and resources is very significant. The API Ecosystem is made of the rapidly evolving elements of The API Economy that organizations need to understand and integrate in...

Blog

Pervasive and ubiquitous identity

I read a lot. Mostly about identity, security, the cloud and other tech topics, but because I’m a writer I’m also interested in the tools of the trade. That’s why, every week without fail, I read the World Wide Words newsletter. Through it, I find out about words such as this past week’s “nidicolous” (“If your offspring are proving recalcitrant or obstreperous you may like to hurl the epithet nidicolous at them. It will be accurate and tantalisingly unclear; it might even provoke them to crack open a dictionary to discover whether you’re insulting them.”) No, I won’t tell you. Go to the web...

Executive View

Executive View: Cloud standards and advice jungle - 70641

Cloud computing is one of three dimensions in which organizations are moving towards an economy based upon the interconnection of IT services. This idea is described in KuppingerCole Advisory Note 70532 “The Open API Economy”. The success of this economy and hence of cloud computing depends on the availability of clearly defined interfaces; standards have a key role to play in achieving this. Cloud services are built using a technical architecture that may include both proprietary and standard protocols and interfaces. Many of these standard protocols and interfaces are already...

Whitepaper

Whitepaper: Using Information Stewardship within Government to Protect PII - 71002

Loss and theft of Personally Identifiable Information (PII) from government, military and defense organizations continues to be a significant problem. Given the amount of attention to this area and the wealth of standards and technology available – why do these leaks still occur? This document considers the sources of leakage and describes how better information stewardship based on information centric security is essential to manage these risks.  According to the National Institute for Standards and Technology (NIST), examples of PII include, but are not limited to: Name,...

Blog

This Week in Security

OK, in fact this is about the last few weeks in security this time – but in future it will be most time about looking back at the previous week. The permanent threats: Chinese hackers, Anonymous,… Not a single week goes by without news about attacks from various groups. This includes Chinese hackers that are alleged to have attacked the Wall Street Journal or Anonymous that claimed that they have successfully attacked the US Federal Reserve. In the latter incident, it took four days from the announcement by Anonymous until the official statement of the US Federal Reserve. An additional...

Blog

How to Make an API

Introduction: Making an API is hard. It is also a tough question. A small company out of England has figured out how to let anyone make an API with just: Dropbox; a spreadsheet; a Datownia SaaS account. Datownia: One of the activities I practice to keep up with what is happening in the world of APIs is to subscribe to the ProgrammableWeb’s newsletter. Every week the newsletter contains the latest APIs that have been added to the rapidly increasing list. While I seldom can get through the whole list, I inevitably find one or two new APIs that are really interesting. Recently I ran into one...

Webinar

Mar 21, 2013: Extending Data Governance Beyond the Database

Traditionally, enterprise data governance started within your database management system by establishing the appropriate access control and auditing policies to prevent unauthorized access and demonstrate those controls. Now a new generation of database security solutions allow organizations to extend database security policies beyond the database management system and across the enterprise.

Webinar

Mar 07, 2013: BYOD, Social Networking, Cloud - Secure and Predictable

Integrating mobile devices, whether owned by the employee or by the company, the use of social media in the enterprise, and the widespread use of cloud applications - all of this has become part of everyday life and confronts IT professionals in companies with new challenges every day.

Blog

Cloud: hope for the best but plan for the worst

The past couple of weeks must have been an anxious time for the customers of the outsourcing service run by 2e2 which went into administration on January 29th.  This impacted on a range of organizations including hospitals. The good news today is that the Daisy Group plc. has been appointed to manage the 2e2 Data Centre business.  Organizations are now almost totally dependent on their IT services to operate. It is tempting to think that outsourcing the service absolves you of any responsibility.  This is not the case; an organization using a cloud service is still responsible for the...

Blog

Protecting who you are

At last week’s Kaspersky Labs Analyst Summit, Chief Marketing Officer Alexander Erofeev said that for 2013 the phrase “protecting who you are” would be the theme for the company. This made me pause and think about what “who you are” means. Of course, as an Identity Management analyst my first thought was that it was identity, and identity attributes, that Erofeev was talking about. But further reflection (and the rest of his presentation) led me to understand that it’s really Information Stewardship that the company is leaning towards – even if they don’t use the term. For the corporate entity,...

Webinar

Jun 06, 2013: Quo Vadis SAP?

Martin Kuppinger and Craig Burton will discuss how the "Computing Troika" of Cloud, Mobile and Social Computing will necessarily influence SAP's product and service strategies.

Webinar

Mar 12, 2013: European Identity & Cloud Conference 2013 - Agenda Preview

The European Identity & Cloud Conference (EIC) 2013 once again will be Europe's most important event exploring the future of information technology. Join us in this webinar for a comprehensive preview on this year's agenda and speakers.

Webinar

Mar 15, 2013: SAP Identity Management and GRC: Together Instead of Side by Side!

In this webinar, KuppingerCole Principal Analyst Martin Kuppinger describes different architecture concepts, available products, and their possible role in overall IAM/GRC solutions in the SAP environment. Done right, an integrated approach to IAM and GRC enables companies to better meet their audit requirements, implement leaner processes, reduce the workload for business departments, and realize a leaner and therefore less expensive IT infrastructure for IAM and GRC.

Webinar

Mar 19, 2013: Protecting Information in an Unstructured World

Join KuppingerCole Senior Analyst Mike Small and TITUS CTO Steph Charbonneau in this webinar to learn the major causes of information loss and leakage and how to avoid them by bringing structure to information through Information Stewardship.

Executive View

Snapshot: Oracle Audit Vault and Database Firewall - 70631

Oracle Audit Vault and Database Firewall is a new offering combining and enhancing two existing products: Oracle Audit Vault and Oracle Database Firewall. The product monitors Oracle databases and databases from other vendors. On the one hand it can detect and block threats while on the other hand it consolidates audit data not only from the database firewall component but also from the databases themselves and from other sources like operating system log files, application logs, etc...

Blog

Top Ten Tips for Negotiating and Assuring Cloud Services

KuppingerCole research confirms that “security, privacy and compliance issues are the major inhibitors preventing organizations from moving to a private cloud.” Our report on Cloud Provider Assurance provides information in depth on how to manage these issues. Here is a summary of our top ten tips on negotiating and assuring cloud services. Consistent IT governance is critical: The cloud is just an alternative way of obtaining IT services and, for most organizations, it will be only one component of the overall complex IT service infrastructure. IT Governance provides a way to manage,...

Blog

This Week in Security

Chinese hackers, US newspapers This week, several US newspapers, including The New York Times and Wall Street Journal, have reported that they have experienced cyber-attacks related to their coverage of China. In the case of The Times, corporate passwords for every employee had been stolen. Chinese officials called allegations that the Chinese Government commissioned these attacks “unprofessional and baseless”. However, it is not likely that Chinese hackers caused these incidents without at least tacit government approval. In fact, this appears to be sort of a sideshow to the bigger,...

Webcast

Rethinking Identity and Access Governance in a World of Change and Complexity

KuppingerCole Webinar recording

Executive View

Snapshot: Vormetric Data Security - 70634

Vormetric provides a family of data security products—The Vormetric Data Security platform—that protects data across a variety of operating systems, databases, applications and storage architectures. Vormetric provides data security solutions that meet the requirements of the ever growing regulatory environment around sensitive data. The Vormetric platform objectives are to provide highly secure encryption and key management, access policies, and security intelligence with the minimum amount of complexity, performance impact, and administrative overhead. Vormetric...

Blog

Passwords redux

Over 25 years ago I started in the networked computer field worrying about authentication, usernames and passwords. And despite all the weeping and wailing about passwords in the intervening years, I still spend an inordinate amount of time thinking, writing and speaking about them. Just last week, Oracle’s Mike Neuenschwander (formerly with The Burton Group) organized a lively tweet chat on authentication issues (search Twitter for #authchat to see what’s left of the thread) which showed surprising agreement about the future of passwords for authentication. The week before, Google had...

Executive View

Snapshot: IBM InfoSphere Guardium V 9.0 - 70632

IBM InfoSphere Guardium V9.0 is a new release of the IBM database security product. However, in its new release it extends real-time database monitoring beyond databases to other data stores, including data warehouses, big data environments, and file shares. IBM InfoSphere Guardium takes a big step forward from database protection towards data protection. IBM managed this balancing act well with the new release, further extending its strength in the database security market segment and enhancing this to new information management systems. This potentially imposes the risk of ending up...

Blog

Yubico – will Google bring the breakthrough?

Recently a story about Google hit the news, according to an article in Wired, “Google declares war on the password”. Google wants to integrate this into the browser. Their approach is based on the idea of using a USB key or an NFC (Near Field Communication) device to log into applications. Currently, Google uses a YubiKey, developed by Yubico. This brought my attention back to Yubico. Some months ago, I had a conversation with their CEO Stina Ehrensvärd. She unveiled some of the new devices Yubico is working on, including their YubiKey NEO, which supports both NFC and USB, and their YubiKey...

Blog

Cloud Computing and Standards

Introduction: The three biggest trends impacting computing today are what I call the Computing Troika: Cloud Computing, Mobile Computing and Social Computing. There is a fourth trend that is on par with each of the Troika movements: the API Economy. Finally there is the question of the role of standards in these trends. First, here is my definition of Cloud Computing—and its opposite—Non-cloud Computing. Cloud Computing: Cloud Computing involves offering network computing services with the following three characteristics: IT Virtualization, Multi-tenancy, Service re-usability. IT...

Blog

Data Breaches during 2012 demonstrate the need for better information stewardship

Was 2012 a big year for IT security breaches? I don’t have quantitative information on exactly how many data breaches there were during 2012. However, during this period, there were many prosecutions, enforcement notices and monetary penalties issued by the ICO (UK Information Commissioner's Office). These included a record monetary penalty of £325,000 for a hospital in the UK where discs containing patient data were sold on the internet, a penalty of £150,000 for Greater Manchester Police where an officer lost a memory stick with unencrypted information relating to more than...

Webcast

European Identity & Cloud Conference 2013 Preview

KuppingerCole Webinar recording

Executive View

Snapshot: Thycotic Secret Server - 70633

Thycotic Software is one of the vendors in the emerging Privilege Management market. Their core product is called Secret Server and supports managing secrets, especially, but not limited to, administrative and service account passwords. In contrast to other vendors in that segment, Thycotic as of now focuses not on delivering a complete Privilege Management infrastructure covering all use cases in that space but focuses on the core area of managing passwords. Secret Server is a web application which can be accessed by different users in multiple ways to request passwords for a multitude...

Blog

The buzz for 2013

Last time out, I ended by saying “Next time we’ll take a look at two ideas that, hopefully, will be the talk of 2013.” I lied. Depending on how you look at it, it’s either four ideas – or one idea. And there’s sure to be a buzzword/phrase/abbreviation/acronym or two coming about from it – or them. I do know that there are four concepts, known fairly well within the identity community, that need to coalesce to create a grand scheme which can be turned into a buzz phrase and picked up by the general media so let’s take a look and see how they’ll fit together. At the root of the grand idea...

Blog

Negotiating and Assuring Cloud Services

Adopting cloud computing means moving from “hands on” management of IT services within the organization to “hands off” IT management using governance, service level agreements and contracts. This approach sits uneasily with many IT people whose education, training and experience are in the delivery of services rather than negotiation and governance. Nevertheless the IT department is an important player in ensuring that an organization gets what it needs from the cloud. IT Service and Security Management are key components of the KuppingerCole IT paradigm which identifies the important...

Executive View

Snapshot: GreenSQL Unified Database Security - 70588

GreenSQL Unified Database Security is an integrated database security solution for MySQL, PostgreSQL, Microsoft SQL Server and Microsoft Windows Azure SQL databases aimed at small and medium businesses. Depending on the license, GreenSQL offers different packages such as Database Security (in fact, a typical database firewall for preventing SQL injection and protecting from unauthorized access), Database Activity Monitoring (providing advanced auditing and alerts), Dynamic Data Masking (hiding personally identifiable information or other kinds of confidential data on the fly) or a complete...

Blog

Fast away the old year passes

Happy New Year everybody! I’m sure your in-boxes, RSS readers, Linked-in groups, Twitter feeds, magazines and other periodicals are all filled right now with predictions for IT in 2013. I’ll have a couple of those myself, but only as they relate to what were the hot buzz topics of 2012. Each year there are a couple of technologies, catch phrases, acronyms or abbreviations that catch the fancy of the non-technical press and become the “IT buzz words” of the year. Those of us in technology try to do our best to either explain what the buzz words really mean or throw up our hands and nod...
