News Archive

Blog

Security vs Convenience: In the Cloud, it’s Still Your Choice and Your Responsibility

Social logins are extremely popular. Instead of going through a process of creating a new account on another website, you just click on the “Continue with Facebook” or “Sign in with Google” button and you’re in. The website in question can automatically pull the needed information like your name or photo from either service to complete your new profile. It can even ask for additional permissions like seeing your friend list or posting new content on your behalf. When implemented correctly, following all the security and compliance checks, this enables multiple...

Whitepaper

Whitepaper: Digital Transformation for Business Enablement Requires a Modern Identity Fabric - 80165

Digital Identities are at the heart of the Digital Transformation. Without the ability to unify identities and manage the access of everyone to everything  to every digital service effectively, transformation initiatives will fail. Business can’t afford to implement these capabilities on a per service basis – this will increase cost, slow down time-to-market and lead to new identity silos, resulting in a negative user experience. By setting up an Identity Fabric that delivers identity services to the new digital business services, organizations can meet the demand of...

Blog

Benchmarking Cybersecurity Environments

Addressing cybersecurity within a company often occurs in response to an incident which impacts a business’ operations. A cyber incident could be a data breach or malicious disclosure of internal information to the public. Ideally a company starts thinking about cybersecurity before they are forced to act by an incident. Preparations for a cyber incident can be made through an internal or external benchmarking of the cybersecurity landscape. What to expect from a benchmarking exercise To ensure a benchmarking preparation offers real value to the company, the expectations and outcome...

Blog

The Information Protection LifeCycle and Framework

The Information Protection LifeCycle (IPLC) and Framework describes the phases, methods, and controls associated with the protection of information. Though other IT and cybersecurity frameworks exist, none specifically focus on the protection of information across its use life. The IPLC documents 3 stages in the life of information and 6 categories of controls which can be applied as controls to secure information. Stages in the life of information Information is created, used, and (sometimes) disposed of when it is no longer needed or valid. Information can be actively created, such as...

Webcast

Martin Kuppinger - AI Already Revolutionizes the Way We Do Cybersecurity & IAM

There are many challenges business are facing when they are implementing IAM and Cybersecurity, be it role management and access controls or efficient analytics in the SOC that narrows down the incidents to put the focus of investigation on. As AI augments us increasingly in our daily live activities as well as workers on the factory floor, it also already is able to augment us in doing Identity Management and Cybersecurity better. Martin Kuppinger will look at the areas where AI already is used and where we expect AI to hep us revolutionizing the way we do Cybersecurity and IAM. He will...

Whitepaper

Whitepaper: Modern Identity Fabrics: A Cornerstone of your Digital Strategy - 80170

Digital Transformation is ubiquitous. Creating new digital business services changes the way IAM needs to be done. Instead of managing existing applications, IAM has to provide identity services that can be consumed by digital services. Focus is shifting from modern UIs for managing existing applications to APIs that provide the identity services. Modern Identity Fabrics must serve both needs and incorporate an Identity API Platform that delivers the API-based access that is required today.

Webcast

Fighting Fraud With Strong Authentication

Strong authentication is one cornerstone of web security. However, account enrollment and account recovery processes are leaving gaps in the credential management lifecycle that allow bad actors to perform account takeover and get into our networks. Increasingly, these bad actors aren’t even real. Stolen identity information that is used to create new fake IDs, known as synthetic identity fraud, is a fast-growing form of fraud.

Buyer's Compass

Buyer's Compass: Blockchain ID - 80050

Blockchain identity solutions are developing into a viable segment in IAM. Because the market segment is still very heterogeneous and gaining maturity, selecting a vendor to provide blockchain ID solutions should be done with care. This KuppingerCole Buyer’s Compass will equip you with key criteria and questions to help select an appropriate vendor.

Blog

VMware’s New Idea for Fixing Cybersecurity: Intrinsic Security

At VMworld Europe 2019, Pat Gelsinger, CEO of VMware said security is fundamentally broken and that the overabundance of vendors is making the problem worse. I’m not sure this is true. Gelsinger had some good lines: applications that are updated and patched on a regular basis should be illegal and outlawed by legislation, and that security is too threat-based. Making security less threat-focused is a good thing The solution, according to VMware, is simple: we need to build more security in the platform with the supreme goal of a single security agent running across the entire...

Executive View

Executive View: IBM Cloud Pak for Security - 80172

IBM Cloud Pak for Security is an innovative solution that can run in a variety of deployment models that supports security analytics and incident response for today’s complex, hybrid and multi-cloud environments. It provides a consolidated view on security and threat information across a range of sources from IBM and other vendors. It supports federated search across that data, plus consolidated workflows for incident response spanning multiple systems. With these capabilities, it is a tool that can deliver significant benefits to the efficiency of every SOC.

Webinar

Dec 17, 2019: Upgrade your IAM with IDaaS IGA

The Identity-as-a-Service (IDaaS) market continues to develop with a significant push from organizations looking to adopt cloud-based delivery of security services including IAM. While IDaaS Access Management solutions, providing SSO (Single Sign-On) for the users and access to a variety of services are already established, IDaaS IGA is not as widely used yet. However, shifting IGA (Identity Governance and Administration) capabilities, e.g. Identity Lifecycle Management and Access Governance, to the cloud might provide significant benefits regarding time and cost of deploying and operating...

Blog

Increase Accuracy in Demand Forecasting with Artificial Intelligence

Demand forecasting is one of the most crucial factors that determine the success of every business, online or offline, retail or wholesale. Being able to predict future customer behavior is essential for optimal purchase planning, supply chain management, reducing potential risks and improving profit margins. In some form, demand prediction has existed since the dawn of civilization, just as long as commerce itself. Yet, even nowadays, when businesses have much more historical data available for analysis and a broad range of statistical methods to crunch it, demand forecasting is still not...

Webcast

6 Myths of Privileged Access Management Busted

Industry thought leaders have stated that if there is only one project you can tackle to improve the security of your organization it should be Privileged Access Management (PAM). But successfully securing and managing privileged access is a tough task and is only getting harder to solve.

Blog

Palo Alto Networks Continues to Bet on Security-as-a-Service

The market shift to cloud-based security services was highlighted at the Ignite Europe 2019 held by Palo Alto Networks in Barcelona, where the company announced a few product enhancements in an effort to round out its offerings to meet what it expects will be growing market demand. A key element of its go-to market strategy is in response to market demand to reduce the complexity of security and to reduce the number of suppliers by adding cloud-delivered so Software-Defined Wide Area Network SD-WAN and DLP (data loss prevention) capabilities to its Prisma Access product. The move not only...

Executive View

Executive View: Identity Automation’s RapidIdentity Solution - 80028

Identity Automation’s RapidIdentity is an Identity and Access Management (IAM) solution that targets the specific requirements of healthcare organizations. Beyond delivering standard IAM capabilities, RapidIdentity helps healthcare organizations access a unified solution instead of relying on disparate point solutions. RapidIdentity’s cohesive suite of tools reduces integration time for organizations and delivers consistent flexible functionality.

Leadership Brief

Leadership Brief: Top 3 Initiatives to Improve CX and Customer Journeys - 80293

When it comes to digital marketing, companies of all business sectors try to constantly improve customer experience (CX) and customer journeys. In many cases, there is a single focus on technological topics, such as machine learning or conversational interfaces. But, is technology the key to success? This leadership brief gives an overview of relevant topics regarding optimization of CX and customer journeys—and highlights three initiatives to consider.

Executive View

Executive View: IBM Decentralized Identity - 80099

The IBM Decentralized Identityplatform is both an enterprise solution for individual companies and the foundation of a global decentralized identity ecosystem. IBM’s decentralized identity solution has prioritized interoperable protocols rooted in Hyperledger Indy and Aries to provide secure exchange of information. IBM’s decentralized identitysolution can help enterprises establish decentralized identity networks built upon Hyperledger Indy or participate in decentralized identity ecosystems as issuers, holders, and verifiers.

Whitepaper

Whitepaper: Grundlagen des Privileged Access Managements - 80332

Privileged Access Management (PAM) ist einer der wichtigsten Bereiche des Risikomanagements und der Datensicherheit für jedes Unternehmen. Privilegierte Konten werden traditionell an Administratoren, aber auch weitere Benutzer innerhalb eines Unternehmens vergeben, um auf kritische Daten und Anwendungen zuzugreifen. Doch die sich ändernden Unternehmensabläufe und die digitale Transformation haben dazu geführt, dass privilegierte Konten heute zahlreicher und weiterverbreitet sind. Werden diese nicht sicher verwaltet, sind Unternehmen den Risiken von verwaisten Konten...

Blog

Renovate Your IAM-House While You Continue to Live in It

Do you belong to the group of people who would like to completely retire all obsolete solutions and replace existing solutions with new ones in a Big Bang? Do you do the same with company infrastructures? Then you don't need to read any further here. Please tell us later, how things worked out for you. Or do you belong in the other extreme to those companies in which infrastructures can be further developed only through current challenges, audit findings, or particularly prestigious projects funded with a budget? However, you should read on, because we want to give you argumentative...

Leadership Compass

Leadership Compass: Identity as a Service (IDaaS) IGA - 80051

An emerging market, IDaaS IGA is largely characterized by cloud-based delivery of Identity Provisioning and Access Governance capabilities for business irrespective of the application and service delivery models. Improved time-to-value proposition prioritizes adoption of IDaaS for traditional IGA use cases, helping IDaaS IGA to increasingly become the preferred choice of customers for IAM purchases globally. This Leadership Compass discusses the market direction and provides a detailed evaluation of market players to offer necessary guidance for IAM and security leaders to make informed...

Executive View

Executive View: ForgeRock Access Management - 80319

ForgeRock Access Management is a full-featured Identity and Access Management (IAM) system, and a primary component in their Identity Platform.  It provides numerous authentication options, an intelligent adaptive risk engine, identity federation, and advanced policy-based authorization capabilities.   ForgeRock supports open standards development, and that is reflected by the multi-protocol support in ForgeRock Access Management.  The product is built from the open source OpenAM project, and ForgeRock provides fee-based support.

KCx Talks

May 10, 2020: AI and Cybersecurity in the Age of Quantum Computing

Network and discuss with an exclusive circle of max. 30 participants in a hip location of the city, with selected food and drinks. Enjoy an evening with interesting lectures in a relaxed atmosphere together with experts from various fields. Take part in stimulating discussions and enjoy personal fireside chats on current digitalization and identity topics in various industries.

Press Release

Cybersecurity Is More Than Just Defensive

When planning the cybersecurity strategy for any given company, IT teams should be aware that they are essentially doing damage control. It is not enough to bolster defense mechanisms because in the long run there is a big chance that they will not last a strong attack. This means that cybersecurity departments should prepare to fail, and have a water-proof plan on what to do after they have been successfully attacked.

Whitepaper

Whitepaper: Modern B2B Identity Management - 80135

With Business-to-Business (B2B) transformation comes digital initiatives to better connect B2B customer systems and supply chain services, and in doing so, Identity and Access Management (IAM) becomes a crucial consideration. IAM shares standard features that can be used in B2E or B2C use cases as well, but IAM in the B2B context has specific requirements that need to be addressed. B2B IAM services need to support customers, suppliers, and other partner organizations by providing capabilities such as support for multiple identity types, user delegation at different levels, strong...

Architecture Blueprint

Architecture Blueprint: Identity and Access Management - 72550

IAM has been one of the central security infrastructures for many years. The changing role and importance of digital identities leads to fundamental changes in IAM architectures. The challenges for a future proof IAM are complex, diverse and sometimes even conflicting. Organization demand for a blueprint to design and implement efficient and durable IAM architectures that meet current and future requirements need to follow a sustainable yet dynamic architectural design.

Blog

OVHCloud Bets on Shift Back to Private Cloud

There is more to the cloud than AWS, Azure, IBM and Google according to OVHCloud - the new name for OVH as it celebrates its 20th anniversary. While the big four have carved up the public cloud between them, the French cloud specialist believes that business needs are changing, which gives them an opportunity in the enterprise market it is now targeting. In short, OVHCloud believes there is a small, but discernible shift back to the private cloud - for security and compliance imperatives. That does not mean that OVHCloud is abandoning the public cloud to the Americans. At October’s...

Conference

Oct 20 - 22, 2020: Customer Technology World 2020

Understanding your customer’s wishes and requirements and mapping them successfully with CIAM processes is the key to a successful online business. At the Customer Technology World you will learn how to create a customer-centric strategy for your digital business.

Executive View

Executive View: IBM MaaS360 with Watson - 79067

IBM MaaS360 with Watson is an AI-enabled, cloud-based Unified Endpoint Management (UEM) platform designed to enable enterprises to manage and secure smartphones, tablets, laptops, desktops, wearables, and the Internet of Things (IoT). With an open platform for integration with existing apps and infrastructure, IBM MaaS360 is backed by around-the-clock customer support and services, and takes a cognitive approach to UEM that enables enterprises to search thousands of data sources to discover security risks and opportunities, assess their impact on users and endpoints, and act upon them.

Webcast

Legacy IAM System vs. Modern IAM Platforms - Should You Stay or Should You Go?

Application and infrastructure architectures are continuously changing in order to mirror the demands and challenges of organizational needs. A common problem with legacy systems is the inability to understand and adapt to the new business models in an ever-changing world.

Leadership Compass

Leadership Compass: Infrastructure as a Service – Global Providers - 80035

The KuppingerCole Leadership Compass provides an overview of vendors and their product or service offerings in a certain market segment.  This Leadership Compass focusses on Infrastructure as a Service (IaaS) from Cloud Service providers (CSP) with a global presence and with a specific focus on security and compliance.

Blog

There Is No “One Stop Shop” for API Management and Security Yet

From what used to be a purely technical concept created to make developers’ lives easier, Application Programming Interfaces (APIs) have evolved into one of the foundations of modern digital business. Today, APIs can be found everywhere – at homes and in mobile devices, in corporate networks and in the cloud, even in industrial environments, to say nothing about the Internet of Things. When dealing with APIs, security should not be an afterthought In a world where digital information is one of the “crown jewels” of many modern businesses (and even the primary...

Blog

Cyber-Attacks: Why Preparing to Fail Is the Best You Can Do

Nowadays, it seems that no month goes by without a large cyber-attack on a company becoming public. Usually, these attacks not only affect revenue of the attacked company but reputation as well. Nevertheless, this is still a completely underestimated topic in some companies. In the United Kingdom 43% of businesses experienced a cybersecurity breach in the past twelve months, according to the 2018 UK Cyber Security Breaches Survey. On the other hand, 74% say that cybersecurity is a high priority for them. So where is the gap, and why does it exist? The gap exists between the decision to...

Whitepaper

Whitepaper: Understanding Privileged Access Management - 80302

Privileged Access Management (PAM) is one of the most important areas of risk management and data security in any organization. Privileged accounts have traditionally been given to administrators and other users within an organization to access critical data and applications. But, changing business practices and digital transformation has meant that privileges accounts have become more numerous and widespread. If these are not managed securely, businesses are exposed to the risks of abandoned accounts, unmanaged shared accounts and criminals and hackers are becoming more adept at...

Webcast

KuppingerCole Identifies Leaders in Consumer Authentication

Organizations are adopting Consumer Identity and Access Management (CIAM) solutions or enhancing their existing customer-facing IAM solutions with modular authentication services, in order to deter fraud, comply with new regional and industry-specific regulations, and improve the customer experience. Most organizations have IAM products in place already for business-to-employee use cases. However, many are finding that their current solutions are not able to meet consumer expectations or security requirements.   KuppingerCole's Lead Analyst John Tolbert...

Buyer's Compass

Buyer's Compass: Endpoint Detection & Response (EDR) - 80213

Data loss via Advanced Persistent Threats (APT), Insider Threat, and other vectors remains a top concern of businesses worldwide. EDR tools are becoming more widely used to help detect and remediate these kinds of threats. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for EDR tools.

Blog

Authentication and Education High on CISO Agenda

Multifactor authentication and end-user education emerged as the most common themes at a CISO forum with analysts held under Chatham House Rules in London. Chief information security officers across a wide range of industry sectors agree on the importance of multifactor authentication (MFA) to extending desktop-level security controls to an increasingly mobile workforce, with several indicating that MFA is among their key projects for 2020 to protect against credential stuffing attacks. In highly-targeted industry sectors, CISOs said two-factor authentication (2FA) was mandated at the...

Webinar

Dec 10, 2019: Identity Fabrics for True Digital Transformation

Business models are changing, customer relationships are changing, and business partnerships are far more volatile than ever before. Workloads are shifting to the cloud and to as-a-service models. Businesses are looking to provide more and more digital services to their customers and consumers via apps and integrate with devices and things. Digital Identity is at the center of these digital transformations.

Webcast

Getting a Grip on Your AI: Know What It Does. Understand the Risks and Rewards. Be Compliant

The case for integrating AI into business processes is ever stronger. Now it’s time to assess realistically what it can do for you. Existing successes and failures of AI beta-phase testing show how to resist the survivorship bias when implementing your own AI programs. Clarify the characteristics of AI data that may be problematic, and discover where investment should be concentrated on further customizing your AI solutions. Compliance with data protection standards remains an open question as both technology and public demand evolves. Over-enthusiasm in future...

Conference

Nov 09 - 11, 2020: Cyber Access Summit 2020

Willkommen zum Cyber Access Summit (CAS) 2020! Gestalten Sie die Zukunft der digitalen Transformation und diskutieren Sie mit Kollegen und Branchenexperten. Das Programm des deutschsprachigen Cyber Access Summit 2020 nimmt aktuelle Themen und Trends im Bereich des Identity und Access Managements in den Fokus.

Conference

Nov 09 - 11, 2020: Cybersecurity Leadership Summit 2020

In order to follow the footsteps of digital and technological advancements, have yourself prepared for the future and gain critical knowledge on emerging trends, KuppingerCole Analysts holds its second Cybersecurity Leadership Summit (#CSLS20) in Berlin, Germany, offering the remarkable world-class keynote speakers, panelists, moderators, and professionals. It is the unique opportunity to meet the peers concerned with the same issues and discuss actual topics ranging from the role of Artificial Intelligence in Cybersecurity, to Strong Authentication solutions, Privileged Access Management,...

Executive View

Executive View: Atos DirX Access - 80167

Atos DirX Access is a mature solution for Access Management, covering the full range of targets from legacy web applications to modern SaaS services. It comes with comprehensive support for modern standards, including FIDO 2.0. A specific strength is the support for specific capabilities such as session state sharing across servers, Dynamic Authorization Management, or integrated User Behavior Analytics. Atos DirX Access counts amongst the most feature-rich solutions on the market.

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]