News Archive

Webinar

Nov 16, 2017: Revised Payment Service Directive: Understanding Its Technical Requirements for a Smooth and Secure Customer Experience

In less than 24 months, banks will have to comply with the Revised Payment Service Directive, commonly called "PSD2". The directive will introduce massive changes to the payments industry, removing the banks’ monopoly on their customer’s data. It will radically alter the user experience for customers of European banks by allowing third party payment service providers (TPP) to access their account information to provide various innovative financial services. But to achieve this, banks and TPPs must put the technical requirements in place in a secure way.

Webcast

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous delivery development process, where small changes to the business logic of an individual service can be quickly introduced and deployed. However, when designing...

Webinar

Dec 12, 2017: Step-by-Step Guide to GDPR Compliance

With less than 250 days left till the dreaded EU General Data Protection Regulation (GDPR) comes into force, organizations around the world are feeling increasingly uneasy. Any company, both large and small, that wants to continue doing business in the European Union must comply with GDPR or face harsh penalties.

Executive View

Executive View: OpenIAM Identity and Access Management - 70337

OpenIAM provides a comprehensive suite for both Identity Management and Access Management, covering the full range from Identity Provisioning and Access Governance to Enterprise SSO, Cloud SSO, and Identity Federation. The product is based on a modern, well-thought-out software architecture and exposes its capabilities through a consistent API layer, which makes it an interesting option for organizations looking for an “identity platform”.

Blog

CIAM Vendor Gigya to be Acquired by SAP Hybris

This past weekend we learned that Gigya will be acquired by SAP Hybris.  California-based Gigya has been a top vendor in our CIAM Platforms Leadership Compass reports. Gigya offers a pure SaaS CIAM solution, and has one of the largest customer bases in the market.  SAP’s Identity solution was previously positioned more as an IDaaS for SAP customers for SAP use cases. What is most interesting is the pairing of Gigya with SAP Hybris.  Hybris is SAP’s marketing tools, analytics, and automation suite.  It already has a considerable customer base and big feature...

Webcast

The Crucial Role of Identity in Securing Industrial IoT

As more and more consumers, businesses, public sector companies and even whole countries are embracing the Digital Transformation, smart devices of all types are proliferating in all areas of our daily lives. It is safe to say, however, that, after the initial rush of making every device in the world smart and connected, the Internet of Things has already passed the peak of inflated expectations, with both vendors and users of the technology finally starting to care more about such things as interoperability and security. Although consumers have recently become somewhat disillusioned about...

Advisory Note

Advisory Note: KRIs and KPI for Access Governance - 72559

This report provides selected Key Risk Indicators (KRI) for the area of Access Governance. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then can be used in IT management and corporate management.

Blog

Microsoft Azure Confidential Computing – a Step Forward in Cloud Security

A few days ago, Microsoft announced Azure Confidential Computing. As the name implies, the technology is about adding a new layer of protection to cloud services, specifically Microsoft Azure, but also Windows 10 and Windows Server 2016 running in other public cloud infrastructures on specific hardware. The foundation for Azure Confidential Computing are so-called TEEs (Trusted Execution Environments). Such environments protect the code running in that environment and data used by the code from other parties’ access. Neither administrators, neither people having direct access to...

Executive View

Executive View: PlainID - 70358

PlainID offers an authorization solution that provides Policy Based Access Control (PBAC) for common on-premise, SaaS, and even homegrown applications. PlainID’s scalable technology enables customers to easily externalize authorization decisions from applications, achieving higher efficiencies, more fine-grained access controls, and improved security.

Webinar

Nov 09, 2017: Industrial Control Systems: Understanding the Access Risks and Security Challenges

For decades, Industrial Control Systems have evolved completely separately from traditional IT, with their own business drivers, requirements and regulations and proprietary hardware designs and network protocols. Needless to say, security from cyberattacks was never a priority for operational technology units responsible for managing those systems: after all, they weren’t even connected to office networks.

Webcast

Eve Maler - UMA deep dive - GDPR, PSD2 - pivot to CIAM

Presentation at the Kantara Workshop

Webcast

What is CIAM and why do we need it?

Panel discussion at the Kantara Workshop

Webcast

John Tolbert - The CIAM Solutions Market

KuppingerCole's Lead Analyst John Tolbert presents the findings from a recently published Leadership Compass on CIAM solutions

Webcast

Heather Flanagan - Consumer ID will Move GDP

Heather Flanagan talks about the confidence that is needed to accelerate the digital economy and now business and governments can work together toward that common goal of growing the economy.  Digital ID is how we get the confidence as a platform to grow the economy.

Webcast

Steve Tout - Risk Aware IAM for an Insecure World

In a world full of uncertainties and data breaches, Identity and Access Management (IAM) must deliver more than ever, faster than ever, for businesses to succeed at building trusted relationships and delighting customers at every interaction. With such large-scale breaches becoming commonplace, it is more important than ever to integrate threat intelligence insights proactively into authentication workflows. Risk aware IAM requires business processes to be enhanced by deeper integration with modern security solutions and automated within an organization’s security operations center...

Webcast

Unstructured Data – A Blind Spot for GDPR Compliance

GDPR will apply to all types of systems where personal data resides. That goes beyond traditional database, CRM or Identity Management systems: Emails, spreadsheets and text documents, PDFs and images, web pages and data collected from social media are only a few examples, and they are everywhere in the organization. All of this might and will contain PII (personally identifiable information), including systems like Microsoft Exchange, Office365, SharePoint, Skype, OneDrive, local folders or IMAP-accounts. Achieving compliance requires an adequate approach for data governance, but many...

Webcast

The New Role of IAM in the Age of Digital Transformation

Organizations are under pressure to change in the current age of Digital Transformation. One of the key differentiators of innovative digital business models and thus new revenue streams is the profoundly changed relationship to customers and consumers. Creating innovative consumer services, collecting and managing better customer information and even just optimizing the reach of everyday marketing activities – all this depends on the ability to manage consumer identities in a flexible, scalable and secure way. Finding the right balance between rigorous privacy regulations like...

Blog

Recapping CIW Seattle 2017

Last week we completed the opening dates on the Consumer Identity World Tour in Seattle.  To kick off the event, the Kantara Initiative held a one-day workshop to showcase the work that they do.  Kantara is an international standards organization which develops technical specifications promoting User Managed Access, Consent Receipt, Identities of Things, and Identity Relationship Management.  Kantara is also a Trust Framework Provider, approved by the US Federal Government´s Identity and Access Management (ICAM), which accredits Assessors and Approve CSPs at Levels...

Webcast

Colin Wallis - Programmatic Advertising Is Dead, Long Live Consumers! Really?

The truly awful practice of tracking through cookie matching may finally have found its nemesis in combined effects of ad blockers, new browsers, and the GDPR.  But there is still a big headwind to be navigated before we can say the job is done. What could be the role of industry consortia like Kantara to help bring about improved privacy - aware practices and education?  In this presentation, we overview the landscape and the forces for 'good'.

Webcast

Jason Rose - Getting to Know You: Building Deep Customer Relationships Gradually through Progressive Identity

Webcast

Phil Lam - It Takes a Village to Protect Your Customers Online

When large-scale breaches occur, they not only hurt the impacted service but also erode the trust our customers have in online commerce as a whole. Protecting our customers online can no longer be a siloed activity but need to be coordinated among service providers to ensure customers continue to transact with confidence online. The current market of consumer identity protection solutions are limited in scope and capability. Credit checks, insurance, concierge services when things go wrong only provide mechanisms to mitigate losses after an incident has occurred. A new set of innovative...

Webcast

Grad Conn - Marketing to the Future: A CMO’s Roadmap for Customer Experience Management

Webcast

Database Security: Protecting Your Company’s Core Competence in the Age of Digital Transformation

Relational databases are still the most widespread technology for storing and managing business-critical digital information. Manufacturing process parameters, sensitive financial transactions or confidential customer records - all this most valuable corporate data must be protected against compromises of their integrity and confidentiality without affecting their availability for business processes. The number of security risks databases are open to is also substantial, covering the information itself stored and processed in databases, underlying computing and network infrastructures, as...

Webcast

The User Experience Panel

The combination of Identity & Access Management and Customer Relationship Management continues to be a core element for any digital business. Because of all the different data sources, Customer Identity & Access Management (CIAM) needs to be secure, clear and user-friendly at the same time. This combination must be taken seriously to provide a smooth Customer Experience (CX) and to guarantee that every consumer can control the access of his personal information. This panel discusses what is important for good User Experience and how you can create it without getting trouble...

Webcast

How to Work Together in a Privacy Preserving Way to Mitigate Risks

Digital identity is central to all electronic transactions. Prevention of credential misuse is the first responsibility of identity management professionals today. Proper identity management includes identity vetting, issuance of credentials, risk-appropriate authentication and authorization, auditing, and more. Regulations such as GDPR also mandate that identity management systems must work to preserve the privacy of users. This session explores contemporary means of protecting identities to lower cyber risk while safeguarding the privacy of users.

Webcast

From Dumb Cookies to Informed Consent: Privacy-by-design as a Strategic Requirement

This panel includes a look at the GDPR requirements, with an emphasis on the business opportunities for creating closer customer relationships when moving to informed consent; including the ability to potentially convince customers of moving to non-freemium models and paying for better service. We also consider the impact on how the customer journey will change to gain consent for additional purposes.

Webcast

Christian Goy - The “Why” Behind Customer Journeys

People are notoriously unreliable witnesses to their own thoughts and motivations. However, the ability to design behavior-based solutions is the common denominator of every successful modern brand. Behavioral science is the way to navigate the chaos of choice and during this keynote we will share how to turn behavioral economic principle into practical brand and product success stories.

Webcast

Tim Maiorino - GDPR is coming, what is it and why does it affect me anyway?

As if Data Protection wasn't regulated to the bone already, Europe has come up with a new set of rules introducing a new level of regulation – in terms of detail, scope and in terms of applicability. The new rules have significant impact on how business are required to structure their internal processes, how they allocate responsibilities and – in general – how they focus on personal information.

Webcast

Ryan Fox - The Role of Financial Institutions in Providing Trusted Identities Beyond Banking

Keynote at the Consumer Identity World 2017 in Seattle, USA

Webcast

Christian Goy - Approaching Tomorrow Through a New Lens

We share how understanding the human mind and the principle of behavioral economics can alter the way we approach product ideas, new thinking and what the future might/could look like, let's say, for self-driving cars or smart cities.

Executive View

Executive View: iWelcome IDaaS and CIAM - 70298

iWelcome provides a complete solution for both Identity-as-a-Service and Consumer Identity and Access Management. As an EU-based company, iWelcome strives to help their customers with GDPR compliance, and as such as provides unparalleled consent management features.

Webcast

Cognitive Technologies and the Future of Identity & Access Management

Like any other field of information technology, identity and access management has been rapidly evolving to meet new business challenges created by the Digital Transformation. As modern businesses are becoming increasingly open and interconnected, IAM solutions now need to cover not just employees, but customers, partners and smart IoT devices. They must be able to handle the growing complexity of managing and monitoring access to the company’s most valuable digital assets, regardless of their format, location or scale, while still maintaining compliance and protecting them from...

Blog

Keep Calm and Carry on Implementing

The trouble with hypes is that they have an expiration date. From that date on they either need to be made real for some very good purposes within a reasonable timeframe, or they go bad. There have been quite a few hype topics around recently. But there have not been many single topics that have been covered by media at a frequency and from many different angles and with as many different focal areas as the Blockchain (or distributed ledgers in general). And most probably none of those articles failed to include the adjective "disruptive". There have been books, conferences, articles,...

Blog

Changes in the Scope of Investors for IAM

As a long-term observer of the IAM market, KuppingerCole finds it interesting to see the change in both the size of investments and the type of investors in this market. Just recently, ForgeRock announced an $88 million round in series D funding. This follows other major investments in IAM vendors such as Okta, Ping Identity, and SailPoint, to name a few. What is interesting with the recent funding for ForgeRock is that KKR appears on the list, one of the very big names amongst the investors. I found that particularly telling because it means that IAM is now on the radar of a different...

Executive View

Executive View: Omada Identity Suite - 70301

Omada Identity Suite is a solution for IGA (Identity Governance and Administration), supporting both Access Governance and Identity Provisioning. It provides, amongst many other features, strong automation of entitlement management and insight into access risks, altogether with a high degree of automation in application onboarding.

Executive View

Executive View: Beta Systems Garancy IAM Suite - 71530

Beta Systems Garancy IAM Suite combines the various modules for Identity and Access Management in the Beta Systems portfolio into one suite. The combined offering delivers a strong feature set with some outstanding capabilities such as the depth of application-specific connectors and role management capabilities.

Webcast

Consent Lifecycle Management: Consumer IAM’s Core Capability?

2018 is going to be a hell of a year for nearly every organization operating within the European Union. Not only the dreaded General Data Protection Regulation (GDPR) will finally take effect next May, introducing massive changes to the way companies will have to deal with personal information (not to mention hefty fines for violations), January 2018 also marks the implementation date of the revised Payment Service Directive (PSD2), which will break the banks’ monopoly on their customers’ account information. Consent Management fundamentally changes the relationship between...

Executive View

Executive View: TITUS Classification for Mobile - 71320

TITUS Classification for Mobile is a solution that not only supports classification of documents and email on both iOS and Android platforms, but also delivers a secure document storage on these devices. It integrates with a variety of other tools and services and is easy to use.


Executive View

Executive View: VeriClouds CredVerify™ - 72567

Securely authenticating users remains a thorny problem and VeriClouds CredVerify service can provide a useful additional level of assurance.  There are many approaches, products and services for user authentication however, the CredVerify service is unique in what it offers.  


Advisory Note

Buyer’s Guide: Consumer Identity and Access Management Solution - 70259

Consumer Identity is a fast-growing specialty solution. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for selecting the right CIAM solution for your organization.

Executive View

Executive View: IBM Security Identity Governance and Intelligence - 71113

A business-driven approach to Access Governance and Intelligence, based on business processes and access risk. Supporting fine-grained SoD analysis for all environments, with strong support for SAP. Providing connectivity to target systems based on direct connectors and via IBM Security Identity Manager.

Webcast

GDPR Compliance Countdown to Adequacy – Minimum Preparation to be Compliant

With less than a year to go before EU GDPR (General Data Protection Regulation) comes into force your organization needs to be ready to comply with these requirements that demand better controls over how it uses and manages the personal data that it holds. The scope of this regulation is very broad and it affects all organizations, including those outside of the EU, that hold personal data on EU residents. The requirements for maintaining consumers’ privacy are significantly more stringent through this new framework. In this KuppingerCole webinar, you will learn about how to...

Webinar

Oct 19, 2017: Security Management im digitalen Unternehmen: Business-orientiert, agil, effektiv

Wie schön waren die Zeiten, in denen man die physische wie digitale Sicherheit in seinem Unternehmen als eine Art Ritterburg mit umlaufendem Wassergraben („Perimeter“) abbilden konnte. Nur wenige, gut bewehrte und streng bewachte Zugänge („Firewalls“) sorgten dafür, dass der Austausch zwischen drinnen und draussen kontrolliert erfolgte und Raubritter wenig Möglichkeiten hatten, sich unberechtigt Zugang zu verschaffen.

Webcast

Security Benefits of Cloud Solutions

While organizations are becoming increasingly eager to embrace the cloud for multiple business benefits, for CISOs and CIOs these efforts bring new challenges to understand and evaluate security and privacy impacts by introducing cloud solutions to their enterprises. Adopting cloud services can dramatically improve flexibility and scalability of critical business applications, reduce time-to-market for new products and even unlock completely new business models. Join Dr. Barbara Mandl, Senior Vice President for Business Development at KuppingerCole, to learn about possible benefits a cloud...

Webinar

Nov 14, 2017: Connected Car: Putting Digital Identity Behind the Wheel

The Internet of Things comprises of a diverse range of devices – from industrial sensors controlling critical manufacturing processes all the way to home devices like smart TVs and fridges. The idea of connecting a car to the internet started as an upgrade to the vehicle’s onboard entertainment system. The concept quickly evolved and branched into numerous market segments including navigation systems, safety and diagnostics, toll payments, and fleet management.

Webinar

Nov 02, 2017: Improving Agility and Reducing Cyber Risks with Business-Driven Security Policy Management and Automation

Today’s enterprises are under continuous pressure to support new digital transformation initiatives, to adopt modern technologies like the cloud and software-defined data centers (SDDC) and, of course, to stay protected from external and internal cyberthreats. With the increasing pace of business, achieving greater agility and efficiency through automation of business processes is becoming one of the key challenges for IT. Unfortunately, the resulting dramatic increase in complexity of heterogeneous IT infrastructures combined with growing sophistication of modern cyberthreats has made...

Webinar

Oct 18, 2017: GDPR: The Six Critical Steps to Compliance and Brand Differentiation

From May 2018 when the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change. Companies collecting such information from their customers will have to adapt to fundamental changes both in the very definition of personal data and in technical requirements around its secure and privacy-enhanced processing, including topics like consent management, data portability and the right to be forgotten. You will also understand why leading companies, however, will look beyond compliance to how they can enhance their customers’...

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]