News Archive

Blog

IBM Moves Security to the Next Level – on the Mainframe

In a recent press release, IBM announced that they are moving security to a new level, with “pervasively encrypted data, all the time at any scale”. That sounded cool and, after talks with IBM, I must admit that it is cool. However, it is “only” on their IBM Z mainframe system, specifically the IBM Z14. By massively increasing the encryption capabilities on the processor and through a system architecture that is designed from scratch to meet the highest security requirements, these systems can hold data encrypted at any time, with IBM claiming support of up to 12...

Executive View

Executive View: ForgeRock Identity Platform - 70296

ForgeRock Identity Platform delivers a common set of capabilities, as well as  good  integration for the various ForgeRock components. It provides a common layer  for identity and access management services that customers require when  building new consumer - facing business applications and services, including consumer and industrial IoT support, on their way to the Digital Transformation.

Executive View

Executive View: SecureAuth IdP - 71327

SecureAuth provides a strong, well-integrated set of identity management solutions covering Multi-Factor Authentication, Risk-based Adaptive Authentication, Single Sign-On, and User Self-Service.       

Blog

A Great Day for Information Security: Adobe Announces End-of-Life for Flash

Today, Adobe announced that Flash will go end-of-life. Without any doubt, this is great news from an Information Security perspective. Adobe Flash counted for a significant portion of the most severe exploits as, among others, F-Secure has analyzed. I also wrote about this topic back in 2012 in this blog. From my perspective, and as stated in my post from 2012, the biggest challenge hasn’t been the number of vulnerabilities as such, but the combination of vulnerabilities with the inability to fix them quickly and the lack a well-working patch management approach. With the shift to...

Webinar

Sep 28, 2017: Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

In the Digital Transformation era, businesses must be more agile than ever to adapt to constantly changing technology and regulatory landscapes and to meet the newest customer-centric initiatives. Constantly bombarded with new business requirements, software development and DevOps teams are increasingly looking into new approaches to make their applications more flexible, scalable and easier to maintain and modernize. In recent years, service-oriented architectures and microservices in particular have become the preferred method for many developers to create modular and adaptable enterprise...

Blog

The Return of Authorization

Authorization is one of the key concepts and processes involved in security, both in the real world as well as the digital world.  Many formulations of the definition for authorization exist, and some are context dependent.  For IT security purposes, we’ll say authorization is the act of evaluating whether a person, process, or device is allowed to operate on or possess a specific resource, such as data, a program, a computing device, or a cyberphysical object (e.g., a door, a gate, etc.). The concept of authorization has evolved considerably over the last two...

Executive View

Executive View: Telekom Magenta Security - 70342

Unter der Bezeichnung Magenta Security werden alle Angebote für  Dienstleistungen und Managed Services des Telekom - Konzerns gebündelt. Magenta Security liefert ein sehr umfassendes Portfolio an Dienstleistungen und  zählt damit zu den ersten Adressen für Unternehmen, wenn es um die  Unterstützung und insbesondere Managed Services im Bereich  Informationssicherheit geht.

Executive View

Executive View: Gigya Identity Enterprise - 70299

Gigya provides a complete solution for  Consumer Identity and Access Management. Entirely cloud - based, Gigya delivers advanced consumer identity and marketing service  functionality for enterprise customers.

Webcast

Customer Identity Management (CIAM) - Building the Foundations for a Next-Level User Experience

Consumer identity and access management solutions have emerged in the recent years to meet evolving business requirements. CIAM is bringing value to the organizations regarding higher numbers of successful registrations, customer profiling, authentication variety, identity analytics, and marketing insights. Companies and public-sector organizations with deployed CIAM solutions can provide better digital experiences for and gather more information about the consumers who are using their services. If you want to be a leader in the digitally transformed business world, you need to know your...

Webinar

Sep 21, 2017: Unstructured Data – A Blind Spot for GDPR Compliance

While many (but not enough) organizations have finally begun preparing for GDPR compliance, there are still important steps to take. When in May 2018 the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change.

Webinar

Sep 12, 2017: Consent Lifecycle Management: Consumer IAM’s Core Capability?

2018 is going to be a hell of a year for nearly every organization operating within the European Union. Not only the dreaded General Data Protection Regulation (GDPR) will finally take effect next May, introducing massive changes to the way companies will have to deal with personal information (not to mention hefty fines for violations), January 2018 also marks the implementation date of the revised Payment Service Directive (PSD2), which will break the banks’ monopoly on their customers’ account information.

Blog

GDPR vs. PSD2: Why the European Commission Must Eliminate Screen Scraping

The General Data Protection Regulation (GDPR) and Revised Payment Service Directive (PSD2) are two of the most important and most talked about technical legislative actions to arise in recent years.  Both emanate from the European Commission, and both are aimed at consumer protection. GDPR will bolster personal privacy for EU residents in a number of ways.  The GDPR definition of personally identifiable information (PII) includes attributes that were not previously construed as PII, such as account names and email addresses.  GDPR will require that data processors obtain...

Executive View

Executive View: Signicat - 72537

Signicat offers cloud-based services for secure access to applications, identity proofing, electronic signing, and long-time archiving of signed and sealed documents. Recently, their portfolio has been expanded to include a mobile authentication product to help customers meet PSD2 requirements.

Blog

PSD2 – the EBA’s Wise Decision to Reject Commission Amendments on Screen Scraping

In a response to the EC Commission, the EBA (European Banking Authority) rejected amendments on screen scraping in the PSD2 regulation (Revised Payment Services Directive) that had been pushed by several FInTechs. While it is still the Commission’s place to make the final decision, the statement of the EBA is clear. I fully support the position of the EBA: Screen scraping should be banned in future. In a “manifesto”, 72 FinTechs had responded to the PSD2 RTS (Regulatory Technical Standards), focusing on the ban of screen scraping or as they named it, “direct...

Executive View

Executive View: IdentityX® from Daon - 71312

Daon’s IdentityX® authentication platform is a universal mobile authentication framework that combines modern standard-based biometric technologies with broad support for legacy authentication systems to provide a flexible, frictionless and future-proof solution for managing risk, reducing fraud and securing critical infrastructures.

Leadership Brief

Leadership Brief: Cloud Provider Codes of Conduct and GDPR - 70276

Codes of Conduct  can help organizations choose between suppliers.   This report  compares two recently announced codes for cloud service providers and how  these relate to GDPR .

Webinar

Sep 14, 2017: Cognitive Technologies and the Future of Identity & Access Management

Like any other field of information technology, identity and access management has been rapidly evolving to meet new business challenges created by the Digital Transformation. As modern businesses are becoming increasingly open and interconnected, IAM solutions now need to cover not just employees, but customers, partners and smart IoT devices. They must be able to handle the growing complexity of managing and monitoring access to the company’s most valuable digital assets, regardless of their format, location or scale, while still maintaining compliance and protecting them from cyber risks.

Blog

At the Intersection of Identity and Marketing

Digital Transformation is driving a diverse set of business initiatives today, including advanced marketing techniques, creating new consumer services, acquiring better customer information, and even deploying new identity management solutions.  As organizations discover new and efficient methods for engaging customers, they often realize new and more profitable revenue streams. At the intersection of identity and marketing, we find Consumer Identity and Access Management (CIAM) systems.  CIAM is a relatively new but fast-growing area within the overall IAM market.  As the...

Executive View

Executive View: Nexis Controle 3.0 - 72535

Nexis Controle 3.0 setzt intelligente Analytics-Verfahren für Rollen und Identitäten um und legt damit die Grundlage für ein strategisches Lebenszyklusmanagement von Rollen, entweder als eigenständige Lösung oder als ergänzende Komponente zu bestehenden Identity- und Access Management-Infrastrukturen. Die bessere Einbindung von bestehendem Wissen im Unternehmen durch gezielte Workflow- und Interaktionsansätze stellt einen wichtigen Schritt hin zu einer nachhaltigen Enterprise Role Management- und Rezertifizierungsstrategie dar.

Leadership Compass

Leadership Compass: Identity as a Service: Cloud-based Provisioning, Access Governance and Federation (IDaaS B2E) - 70319

Leaders in innovation, product features, and market reach for Identity as a Service offerings targeting full Identity and Access Management and Governance capabilities for employees in hybrid environments, but also delivering Single Sign-On to the Cloud and providing support for other groups of users. Your compass for finding the right path in the market.

Executive View

Executive View: Nexis Controle 3.0 - 72535

Nexis Controle 3.0 implements intelligent role and identity analytics while laying the foundation for strategic role lifecycle management as either a stand-alone solution or as a companion component to existing Identity and Access Management infrastructures. The integration of corporate business expertise through targeted workflow and interaction approaches means a leap forward towards the implementation of sustainable Enterprise Role Management and recertification strategies.

Blog

PSD2: Strong Customer Authentication Done Right

The Revised Payment Services Directive (PSD2), an upcoming EC regulation, will have a massive impact on the Finance Industry. While the changes to the business are primarily based on the newly introduced TPPs (Third Party Providers), which can initiate payments and request access to account information, the rules for strong customer authentication (SCA) are tightened. The target is better protection for customers of financial online services. Aside from a couple of exemptions such as small transactions below 30 € and the use of non-supervised payment machines, e.g. in parking lots,...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]