Access Management

Webcast

XACML: The Holy Grail of Access Governance?

Kuppinger Cole Webinar Recording

Webcast

The Three Elements of Access Governance: Recertification/Attestation – Access Control – Privileged Access Management

Kuppinger Cole Webinar Recording

Product Report

Product Report: Quest Single Sign-On solutions for SAP

The two products discussed here, Quest Single Sign-On for SAP GUI and ABAP and Quest Single Sign-On for NetWeaver, are Quest’s offering in the market for Single Sign-On (SSO) between Active Directory-infrastructures and SAP-environments on the basis of Kerberos. Quest also offers a…

Webinar

Dec 09, 2009: XACML: The Holy Grail of Access Governance?

In this panel, the role XACML will and can play for access governance is discussed. Is XACML the solution? What is missing? How to manage policies and how to analyze these dynamic constructs? And how to avoid vendor lock-in? The strengths, shortcomings and needed improvements are discussed…

Webcast

The Critical Role of XACML in SOA Governance and Perimeter Web Service Security

Kuppinger Cole Webinar recording

Blog

Q & A from the XACML/ABAC Webinar

On the Webinar that Babak and I did on ABAC and XACML three weeks back, there were quite a few questions that popped up! Unfortunately we did not have time to answer all of them during the webinar, so we promised that we would collect them and answer them afterwards. BTW today there is…

Blog

#sapteched: too much twittering.. ;-) - but not enough on IAM & GRC

Did you find yourself adding hash-tags in emails or "old-fashioned" blog posts recently? Well, I think we are all tweeting quite a lot (except for me, I do not spend to much time on it) and organizing tweets that way is a good thing, for sure... In between two Netweaver security tracks I…

Webinar

Dec 08, 2009: The Three Elements of Access Governance: Recertification/Attestation – Access Control – Privileged Access Management

Access Governance is commonly associated with “recertification” or “attestation” as approaches for a recurring review of existing access controls by the responsible managers in IT and business. But knowing the problems isn’t sufficient – enforcing changes and implementing continuous…

Webcast

Ein Passwort für alles - Enterprise Single Sign-on

Kuppinger Cole Webinar recording

Blog

XACML - why it is so important

XACML (eXtensible Access Control Markup Language) gains an increasing attention as one of the core standards in the field of information security and thus IT security. Whilst standards like SAML (Security Assertion Markup Language) address the problem of authentication, XACML is about…

Webinar

Oct 27, 2009: The Critical Role of XACML in SOA Governance and Perimeter Web Service Security

SOA is far from dead but many organizations suffer from a severe SOA disease caused by too many enthusiastic deployments of isolated and siloed services. In this webinar, Martin Kuppinger will provide you with insights on SOA Governance, followed by Axiomatics and Intel showcasing their…

Webinar

Nov 11, 2009: Single Sign-on for SAP Environments

The identity management marketplace offers a number of different solutions enabling Active Directory-based single sign-on for SAP, making life for SAP endusers much easier and at the same time offering a good potential to reduce the costs of managing your IT infrastructure. In this webinar,…

Product Report

Product Report: Quest Single Sign-On solutions for SAP

Mit den beiden Produkten Quest Single Sign-On for SAP GUI and ABAP und Quest Single Sign-On for NetWeaver bietet Quest eine marktführende Lösung für das Single Sign-On zwischen Active Directory-Infrastrukturen und SAP-Umgebungen auf Basis von Kerberos an. Als Option für…

Webcast

Beyond Role Based Access Control - the ABAC approach

Kuppinger Cole Webinar recording

Advisory Note

Technology Report: XACML – Extensible Access Control Markup Language

This report explains XACML, an evolving standard in the field of access control. Access control in IT is of vital importance. Companies use access control technology to protect sensitive systems and information, and to keep assets safe. At the same time, compliance with external regulations…

Blog

Beyond RBAC

Please join me tomorrow for a free Webinar on the topic "Beyond Role Based Access Control - the ABAC Approach". Many - if not most - organisations are not getting as much value as they thought from RBAC (role based access control). In fact, many RBAC projects start with high expectations,…

Webcast

Minimizing Business Risks through Enterprise SSO

Webinar

Sep 29, 2009: Beyond Role Based Access Control - the ABAC Approach

In this webinar we discuss the original ideas behind RBAC and why large RBAC projects often lead to role explosion problems and therefore fail in their initial ambitions. We also introduce the concept of Attribute Based Access Control (ABAC) which overcomes some of the well-known problems…

Webinar

Oct 23, 2009: Ein Passwort für alles - Enterprise Single Sign-on

Es gibt kaum einen Anwender, der nicht schon einmal sein Passwort vergessen hat und das Helpdesk mit einem Passwort Reset beschäftigen musste. Die Arbeit des Helpdesk nimmt exponentiell zu, wenn die Anwender sich mehrere unterschiedliche Passwörter für unterschiedliche Anwendungen merken…

Webinar

Sep 17, 2009: Minimizing Business Risks through Enterprise Single Sign-on

Receiving approval for project budgets has been difficult in these days, especially if there isn´t a very visible and almost immediate return on investment. Simplifying the way how users login to the applications they need for their daily business is an area, where plenty of low hanging…

Blog

Finally: an open XACML API!

Whilst at the Burton Group’s Catalyst 2009 conference, I ran into Prateek Mishra from Oracle who told me somewhere between the lines of our conversation that a new XACML API that has just been posted to the OASIS XACML TC. It was a “soft launch” that was announced at the Kantara meetings on…

Blog

About trademarks in the IAM business

These days I have learned that Fischer International Identity has trademarked to pretty generic terms: Identity as a Service (TM) IaaS (TM) I wondered (and still wonder) about that. Fischer declared that they have invented that type of business ("a services-based architecture built from…

Webcast

Messbare Vorteile für Sicherheit und Kosten durch Single Sign-On mit starker Authentifizierung

Kuppinger Cole Webinar recording

Webinar

Jun 09, 2009: Messbare Vorteile für Sicherheit und Kosten durch Single Sign-On mit starker Authentifizierung

In diesem Webinar wird auf den quantitativen und qualitativen Nutzen von Enterprise Single Sign-On-Projekten in Verbindung mit starker Authentifizierung eingegangen.

Webcast

Is there a difference between the European way of doing IAM/GRC and „the rest of the world“?

Keynote at the European Identity Conference 2009 by Paul Heiden , BHOLD COMPANY BV, Prof. Dr. Audun Josang , Queensland University of Technology, and Oslo University, Darran Rolls , Sailpoint, Chris Harvison , Scotiabank  

Product Report

Product Brief: Microsoft Forefront Identity Manager

On Monday the 23rd of March, Microsoft announced that it would - again - delay the launch of ILM 2, the "Identity Lifecycle Manager". The release was now pushed back one whole year, to give Microsoft more time to "validate ILM in long-running live deployments before release". As can be…

Advisory Note

Trend Report: SSO 2009

Single Sign-On (SSO) ist eines der wichtigsten Felder im Identity und Access Management (IAM).Durch eine vereinheitlichte Authentifizierung können eine Reihe von Business-Values erreicht werden, darunter reduzierte Risiken für Sicherheit und Compliance sowie niedrigere Service…

Advisory Note

Market Report: Oracle buys Sun – the Impact on IAM and GRC strategies and tactics

The news that Oracle will acquire Sun Microsystems has lead to some uncertainty at existing Oracle and Sun customersin the IAM and GRC market space. That uncertainty will exist for quite some time, given that the acquisition is not expected to close before the summer of 2009. Until that…

Blog

10 Top Trends 2009 for IAM and GRC

As in the past years, Kuppinger Cole has worked out 10 top trends in IAM (Identity and Access Management) and GRC (Governance, Risk Management, Compliance). Things are going forward in 2009, despite the economic crisis – even more, especially GRC vendors are benefiting from the crisis and…

Webcast

Enterprise Single Sign-On in der Praxis

Kuppinger Cole Webinar recording

Webinar

Apr 23, 2009: Enterprise Single Sign-On in der Praxis

Konfrontiert mit einer zunehmenden Flut an Passworten für Benutzerkonten in einer steigenden Zahl an Anwendungen, gewinnt das unternehmensweite Single Sign-on zunehmend an Bedeutung. Einerseits zur Steigerung der Produktivität und zur Reduzierung der Helpdesk-Kosten, andererseits aber auch…

Blog

Is SSO the key to the desktop?

I recently had a cup of coffee with a couple of interesting youngsters from Hamburg, Christian Evers and Philipp Spethmann, who have set themselves a truly impressive goal. They are out to wrest nothing less than the control of German desktops from giants like iGoogle, T-Online, Yahoo!…

Vendor Report

Vendor Report: IBM’s IAM and GRC offerings

IBM is amongst the vendors which have entered the IAM market early. Right now, IBM can deliver in most areas of the IAM market, with only few missing elements in their overall portfolio. In the GRC market, the current focus of IBM is more towards SIEM-related GRC issues and log analysis,…

Blog

There are many facets of Privileged Account Management

The PAM/PIM/PUM (Privileged Account/Identity/User Management; I prefer PAM) market is one of the boom markets in IT. I've blogged about that recently (here and here). And I've talked with many vendors in that market segment about what they are currently delivering and about what they have in…

Webcast

Wer war Root? Was Sie über Privileged Account Management (PAM) wissen sollten

Kuppinger Cole Webinar recording

Blog

Dynamic authorization management

Authorization management is becoming increasingly popular. But there are, in fact, two very different approaches: Static authorization management, where changes are provisioned to the target systems. Dynamic authorization management, where authorization decisions are externalized to…

Blog

Privileged Account Management

Over the course of the last few months, PAM (Privileged Account Management), also called PIM (Privileged Identity Management) or PUM (Privileged User Management) became increasingly popular. The main driving force behind this increase in popularity are the auditors, which more frequently…

Blog

The need for a holistic approach to IAM, GRC, DLP, PAM, and IRM

IT is very well-known for first its ability to create three-letter acronyms and second the mix-up of different marketing terms, leading to overlapping and sometimes pretty unclear market segments. Besides, many vendors try to convince people that their (and only their) solution is sort of…

Blog

Novell enters PAM market - the first deal in the next wave of acquisitions in IAM?

Novell has announced that they have acquired the technology for privileged account management (PAM) from Fortefi Ltd. PAM addresses the need to better manage privileged accounts. It is a broad field, starting with root account management in the Unix and Linux environments and reaching out to…

Webcast

Zehn Gründe, warum Sie gerade jetzt in IAM und GRC investieren sollten

Kuppinger Cole Webinar recording

Advisory Note

Business Report: Key Risk/Performance Indicators IAM and GRC

The concept of Key Performance Indicators is well established at the corporate level, using scorecards as a tool for a quick overview on the progress of organizations. Key Risk Indicators add risk metrics to that view, relating the progress of indicators to changes in risks. The report…

Webinar

Mar 02, 2009: Der Weg zu schlanken, fokussierten IAM- und GRC-Projekten (Storniert)

Martin Kuppinger gibt in diesem Webinar Hinweise aus der Beratungspraxis und der Analyse von Kuppinger Cole für die optimierte Gestaltung von IAM-Projekten.

Blog

Why to invest in IAM and GRC - especially in these days

There is no doubt: We are in economic turmoils. And no one really knows when things will become better again. It is definitely interesting to observe what is happening from a risk management perspective (Why didn't governments have pre-defined actions prepared? Why didn't financial…

Webinar

Feb 13, 2009: Zehn Gründe, warum Sie gerade jetzt in IAM und GRC investieren sollten

Martin Kuppinger nennt und erläutert zehn Gründe dafür, warum man gerade jetzt in IAM und GRC investieren sollte, um die IT besser und Unternehmen leistungs- und wettbewerbsfähiger zu machen und Risiken zu reduzieren.

Blog

1-day eema-Workshop: Role Life Cycle Management and IAM - 5 March 2009

This meeting is a one-day event aimed at Ascure, Belgium and is organized in cooperation with Kuppinger Cole and EEMA. This workshop will discuss the approach and importance for setting up Role Life Cycle Management in your IAM Program. Currently many enterprises are investing in having a…

Blog

The European IAM and GRC landscape

These days, we've been mentioned by Marcus Lasance, an independent IAM consultant who formerly managed MaxWare U.K., in his blog. Dave Kearns commented on this today in his Network World newsletter. Both, Marcus' blog and Daves newsletter were about IAM in Europe - and the fact that there…

Blog

Some new Kuppinger Cole surveys on IAM

We've compiled some questionnaires on different aspects of the IAM and GRC markets and put them online. We'd greatly appreciate your participation on these surveys. Most of the questionnaires are very lean, consisting of 10 to 12 questions - only the IAM market survey 2009 is quite a bit…

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

PSD2 in a Europe of Small Principalities

Europe’s consumers have been promised for some years now that strong customer authentication (SCA) was on its way. And the rules as to when this should be applied in e-commerce are being tightened. The aim is to better protect the customers of e-commerce services.  This sounds like a good development for us all, since we are all regular customers of online merchants or providers of online services. And if you look at the details of SCA, this impression is further enhanced. Logins [...]

Stay Connected

Latest Insights

Hot Topics

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00