Access and Identity

Webinar

Jan 31, 2013: Rethinking Identity and Access Governance in a World of Change and Complexity

The convergence of Cloud, Mobile and Social Computing create strong new opportunities and change the way we use Information Technology, shifting the control into the hands of the users. Governing identity and access in such a complex environment is key to success. Join us in this webinar to…

Webcast

Using IAM Technology to Protect Information, to Defend the Brand & Increase Business Productivity

KuppingerCole Webinar recording

Product Report

Product Report: Oracle ESSO - 70581

With IT organizations constantly facing the dichotomy of doing more with less, the need for products that are well integrated, efficient and cost effective is ever on the increase. KuppingerCole offers a model designed to help IT organizations manage this dichotomy by changing the…

Webcast

Access Governance und dynamische Zugriffsteuerung kombiniert: So machen Sie ihre IT-Sicherheit fit für die Zukunft

KuppingerCole Webinar recording

Webcast

Reach the Next Maturity Level in your IAM Deployment - Beyond Classical Provisioning

KuppingerCole Webinar recording

Webinar

Dec 04, 2012: Using IAM Technology to Protect Information, to Defend the Brand & Increase Business Productivity

Identity & Access Management first and foremost is a business dimension and should be process-oriented and results-driven. In this webinar you will learn how to enable business owners to decide and be accountable of wo gets access to what.

Webinar

Nov 29, 2012: Reach the Next Maturity Level in your IAM Deployment – Beyond Classical Provisioning

Cloud, Mobile, Social Computing - IAM requirements are rapidly changing and need to go beyond classical provisioning. In this webinar, KuppingerCole´s Principal Analyst Martin Kuppinger will guide you through these new challenges and talk about maturity levels of IAM deployments. Quest…

Leadership Compass

Leadership Compass: Identity Provisioning - 70151

Identity Provisioning is still one of the core segments of the overall IAM market. Thus it comes to no surprise that this segment is more crowded by vendors than virtually all the other IAM market segments. This Leadership Compass provides an overview and analysis of the Identity…

Webinar

Nov 30, 2012: Access Governance und dynamische Zugriffsteuerung kombiniert: So machen Sie ihre IT-Sicherheit fit für die Zukunft

Herkömmliche Konzepte für die Informationssicherheit, bei denen Zugriffsberechtigungen basierend auf vergleichsweise starren Gruppen oder Rollen in Form von statischen Konstrukten reichen heute nicht mehr aus, um den aus den großen Trends Cloud Computing, Mobile Computing und Social…

Blog

SAML is Dead! Long Live SAML!

Answers to the unanswered questions from the webinar Introduction Last Friday on Sept. 14, Pamela Dingle—Sr. Technical Architect from Ping Identity Corp.—and I conducted a free webinar about the much ballyhooed demise of SAML. You can view the webinar in its entirety on the KuppingerCole…

Webcast

SAML is Dead. Long Live SAML!

KuppingerCole Webinar recording

Webinar

Sep 14, 2012: SAML is dead. Long Live SAML!

Is SAML a dead protocol or just a walking Zombie ready to consume all enterprise brains? Or is it yet alive and well both in legacy and the future? Attend this webinar to join the discussion KuppingerCole´s Distinguished Analyst Craig Burton about health and well being of the Federated…

Blog

Open Source IAM – is it right for you?

Open Source projects usually get short shrift from pundits and journalists. Open source Identity projects get even less shrift. (“Shrift”, by the way, has an interesting etymology, at least to those who wonder about where the words we use come from). Commercial vendors have whole staffs of…

Executive View

Snapshot: SAML Vulnerabilities - 70723

On August 10th, 2012, the University of Bochum (German Ruhr-Universität Bochum) published a research paper titled On breaking SAML: Be whoever you want to be . In that paper the authors provide an analysis of potential security weaknesses in SAML. They analyzed 11 out of 14 major SAML…

Executive View

Snapshot: OAuth 2.0 - 70725

Recently Eran Hammer, one of the – until then – co-authors and editors of the OAuth 2.0 standard which is currently finalized by an IETF (Internet Engineering Task Force) working group, declared that he will withdraw his name from the specification of OAuth 2.0. He posted about…

Blog

The Honan Hack and the BYOI meme

By now you should have heard about the so-called “epic” hacking of the accounts of Wired journalist Mat Honan. Only those on vacation well out of civilization (i.e., no internet, no phones, no newspapers, no radio, no TV) could honestly say that the details weren’t available to them.…

Advisory Note

Scenario: The Future of Authentication - 70341

A number of significant trends are causing the authentication (AuthN) and authorization (AuthZ) architectures and technologies to significantly change. Cloud, mobile and Social computing combined (The Computing Troika) are causing an identity explosion that is requiring organizations to…

Blog

SCIM and the Microsoft Graph API

Kim Cameron recently blogged about his view on SCIM and the Microsoft Graph API. Kim explains his view as to why SCIM and the Microsoft Graph API, which is related to the WAAS (Windows Azure Active Directory), are complementary. That reminded me of two older posts in my own blog: In 2010 I…

Blog

User views on Privilege Management

Last December (“Quo Vadis?”) I advocated using Privilege Management solutions for all users. As Martin Kuppinger defined it in his advisory note last April: “Privilege Management, which in the KuppingerCole nomenclature is called PxM, is the term used for technologies which help to audit…

Blog

Active Directory in the Cloud – the new Microsoft WAAD offering

Over the course of the last few days, there have been many posts being published in different blogs, including the ones of Craig Burton, Nishant Kaushik of Identropy, KuppingerCole’s Dave Kearns and for sure Kim Cameron and John Shewchuk. I won’t dive into the discussion taking place…

Webcast

EIC 2012 Session: Exchanging Metadata through Different Federations on a Global Scale

Nicole Harris, Head of Identity Management, JISC Advance April 19, 2012 15:40

Webcast

EIC 2012 Session: Federation or Synchronization – the Future of the Cloud

Andrew Nash, Google Darran Rolls, SailPoint Travis Spencer, Ping Identity April 19, 2012 15:20

Webcast

EIC 2012 Session: What Federation is About – in Theory and in Practice

Dave Kearns, KuppingerCole April 19, 2012 15:00

Webcast

EIC 2012 Session: Security for Virtualized Environments, Privileged Users and PCI Compliance

Guy Balzam, CA Technologies Stephan Bohnengel, VMware Giovanni Ciminari, Telecom Italia April 19, 2012 14:30

Blog

Entitlement Management – has it really been an academic exercise?

Recently I read a blog post from my appreciated and well known analyst colleague Kevin Kampman at Gartner Group talking about entitlement management. That post had some points which made me wonder. I’ll pick some of the quotes: “One of access control’s biggest challenges is that it has…

Webcast

EIC 2012 Session: Access Governance Case Study - Friends Life Realizes Quick Time To Value

Julia Bernal, Group Business Security & Data Protection Manager, Friends Life April 18, 2012 17:30

Webcast

EIC 2012 Session: How to successfully get business to participate in IAM and Access Governance

Dr. Martin Kuhlmann, Omada Edwin van der Wal, Everett April 18, 2012 15:30

Webcast

EIC 2012 Session: IAM Governance in the New Commerzbank

Dirk Venzke, Director, Commerzbank AG April 18, 2012 14:00

Advisory Note

Business Report: Key Risk/Performance Indicators IAM and GRC - 70204

The concept of Key Performance Indicators is well established at the corporate level, using scorecards as a tool for providing a quick overview on the progress of organizations towards their goals. Key Risk Indicators add risk metrics to that view, relating the progress of indicators to…

Webcast

EIC 2012 Keynote: How Identity Management and Access Governance as a Service make your Cloud Work and your Business more Agile

Ralf Knöringer, Manager Business Unit IAM, Atos IT Solutions and Services GmbH April 19, 2012 8:30

Webcast

EIC 2012 Keynote: How do Today’s Technology Challenges make Real IAM Possible?

Jonathan Sander, Director of IAM Business Development, Quest Software April 17, 2012 17:50

Webcast

EIC 2012 Keynote: Ripped from the Headlines – The ‘Privileged’ Connection – Solved!

Roy Adar, Vice President of Product Management, Cyber-Ark April 17, 2012 16:30

Webcast

Quantifying Access Risk: How to Sell the Access Governance Project to your CFO

KuppingerCole Webinar recording

Blog

The Identity Explosion – one reason to re-engineer not only our IAM

During my Opening Keynote at this year’s EIC (European Identity & Cloud Conference, www.id-conf.com), when talking about the Top Trends in IAM, Mobile Security, GRC, and Cloud Computing I used the term “Identity Explosion” to describe the trend that organizations will continue (or start)…

Executive View

Advisory Note: European Identity Award 2012: OpenID Connect - 70706

Best New Standard 2012 in Category „Best Innovation/New Standard in Information Security”: Providing the Consumerization of SAML. Driving the adoption of federation and making this much simpler.

Advisory Note

Best Practice: European Identity Award 2012: Swisscom - 70705

Special Award 2012 for „Mobile Security”: Swisscom MobileID – secure and easy authentication using the mobile phone with minimal impact on hardware based on ETSI Mobile Signature Standard.

Advisory Note

Best Practice: European Identity Award 2012: Sanofi S.A. - 70704

Best Project 2012 in the Category „Best Cloud Security Project”: Implementing Federation quickly to support business requirements. Federation becoming a business enabling technology. Building the foundation for future business cases. Enabling secure access to Cloud applications.

Advisory Note

Best Practice: European Identity Award 2012: Europol - 70703

Best Project 2012 in Category „Best Access Governance and Intelligence Project”: Strategic IAM project adding centralized auditing across all IAM modules. Ready for further expansion of auditing in an IAM ecosystem in a highly security-sensitive environment, including…

Advisory Note

Best Practice: European Identity Award 2012: Siemens AG - 70701

Best Project 2012 in Category „Best Identity and Access Management Project”: Enabling the hybrid Cloud in an audit-proof way. Based on a flexible, scalable, standards-based architecture. Supporting complex, dynamic approval workflows in a very large scale environment.

Advisory Note

Advisory Note: Migration Options for your Legacy Provisioning - 70607

Migrating an existing provisioning system always becomes a red-hot topic once a vendor becomes acquired by another vendor. In these situations - like the acquisition of Sun Microsystems by Oracle, of Novell by NetIQ, of Völcker by Quest Software and all the other acquisitions…

Advisory Note

Advisory Note: IAM and GRC Market – the Evolution in 2012/2013 - 70580

IAM (Identity and Access Management) and GRC (Governance, Risk Management, and Compliance) are two of the most important IT market segments these days. They are driven by various factors. One is increasing regulatory pressure. Companies need to manage their risks, including access risks to…

Advisory Note

Advisory Note: Privilege Management - 70177

Privilege Management - which, in the KuppingerCole nomenclature, is called PxM - is the term used for technologies which help to audit and limit elevated rights and what can be done with shared accounts. During the last few years, PxM has become increasingly popular. Some vendors have…

Advisory Note

Technology Report: Access Governance Architectures - 70219

Access Governance is about the governance and management of access controls in IT systems and thus about mitigating access-related risks. These risks include the stealing of information, fraud through changing information, and the subverting of IT systems, for example in banking to…

Webcast

Conducting an Orchestra - The New Role of IAM

KuppingerCole Webinar recording

Webcast

Returning (or finally bringing?) Identity and Access Management (IAM) to the User

KuppingerCole Webinar recording

Webcast

Access Risks - from SAP to the Outer Space: an Identity & Access Governance Journey

KuppingerCole Webinar recording

Webinar

Apr 26, 2012: Quantifying Access Risk: How to Sell the Access Governance Project to your CFO

How can Access Risk be measured and made visual? How can it be used to prioritize processes such as Access Certification or Role Modeling? This webinar aims to explain new methodologies for Access Risk scoring to prioritize corrective actions and justify to your CFO why investment done on…

Webcast

Access Governance richtig gemacht: Investitionsschutz und zielgerichtete Weiterentwicklung

KuppingerCole Webinar recording

Webinar

Mar 22, 2012: Conducting an Orchestra – The New Role of IAM

With the loss of control over many resources through current trends like BYOD (bring your own devices) and usage of cloud services, enterprise IT is going through a radical change. In this webinar, you will learn about the new role of Identity & Access Management as an information security…

Blog

IAM legacies – bad for your business

It’s been almost 15 years since Business Layers and Oblix ushered in the new age of Identity and Access Management Systems (IAM systems) with what I called at the time the “killer app” for Directory Services – electronic provisioning. Even more incredible is that it’s almost 20 years since I…

Webinar

Mar 21, 2012: Returning (or finally bringing?) Identity and Access Management (IAM) to the User

IAM needs the involvement from the end users and their business line managers, because it is there where access related risks can be handled best. Join us in this webinar to discuss, how you can leverage acceptance of your IAM solution.

Webinar

Mar 13, 2012: Access Risks - from SAP to the Outer Space: an Identity & Access Governance Journey

Access Governance applies across the entire application landscape, but has the largest impact on SAP where key business processes are managed. As SAP pose unique Access Security needs, it tends to be left in isolation. This webinar will explain how to address SAP specific needs without…

Webinar

Feb 28, 2012: Access Governance richtig gemacht: Investitionsschutz und zielgerichtete Weiterentwicklung

Access Governance – dieser Begriff steht für Lösungen, mit denen sich Zugriffsrechte besser steuern und kontrollieren lassen. Die regelmäßige Re-Zertifizierung und damit Überprüfung von Zugriffsberechtigungen gehört ebenso dazu wie analytische Funktionen für den Status von…

Executive View

Snapshot: ClusterSeven Enterprise Spreadsheet Manager - 70852

ClusterSeven Enterprise Spreadsheet Manager (ESM) is a so-called “End User Computing Governance and Data Intelligence” solution. End User Computing is characterized by business computing activities performed by End Users, typically executed in spread sheet applications such a MS…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00


KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Latest Insights

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Blog

Blog

We Are Detective: Data Scientists to the Rescue for Cybersecurity and Governance

We Are Detective: Data Scientists to the Rescue for Cybersecurity and Governance

If the line "We are detective" only reminds you of "guilty pleasure" radio songs from the 1980s, despite the fact that you are responsible for cybersecurity or compliance in your company, then you should read on. In any case, you probably should read on because this is a trend that is becoming increasingly important in times of growing uncertainty and loss of trust – in contracts, in companies in the supply chain, in "the Internet", and in nation-states. Trust as the foundation for [...]