Vendor Report: IBM’s IAM and GRC offerings

IBM is amongst the vendors which have entered the IAM market early. Right now, IBM can deliver in most areas of the IAM market, with only few missing elements in their overall portfolio. In the GRC market, the current focus of IBM is more towards SIEM-related GRC issues and log analysis, whilst IBM offers no specific platform for IAM-GRC. Anyhow, we expect IBM to be able to provide solutions through partnerships if required. Besides this, the approach chosen by IBM positions the company pretty well for the emerging trend towards GRC platforms which support any aspect of GRC require-ments and which aren’t limited to the IAM-related parts of GRC (e.g. access/authorization analysis and management).

Given that IBM has entered the market early, IBM can provide a relatively mature software portfolio for IAM, with some recent additions like their Enterprise Single Sign-On solution and some new inte-grations for example between Enterprise Single Sign-On and the Tivoli Federated Identity Manager.

IBM is rated amongst the leading vendors of solutions for IAM and thus should be included in evalua-tions of products in the core IAM field. Beyond this, IBM is strong in specific business case like me-dium-sized “IBM shop” customers, large installations especially when including mainframe systems, and the integration of IAM with SIEM and BSM (Business Service Management) strategies.