KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
A standardized approach to control privileged accounts can be valued as a profitable internal service.
While implementing Privileged Access Management (PAM) DKB concentrates on what kind of service delivery a PAM implementation can provide to its customers (our employees) to connect benefits for end-users and address identity security at the same time.
We call that Privileged Access Security Service.
From a technical and IAM point of view identity security can only be achieved by securing the respective digital identities and the assigned user accounts in the corresponding target systems.
In the area of IAM/PAM a comprehensive compliance level automatically results in a higher maturity of our information security management. Therefore, we reduce the non-financial risks not only by complying with regulatory requirements but also by adding effective security concepts – such as zero trust or least privilege – to our IAM/PAM ecosystem.
In this session the DKB approach to handle identities and accounts in the context of a Privileged Access Security Service will be presented.
A standardized approach to control privileged accounts can be valued as a profitable internal service.
While implementing Privileged Access Management (PAM) DKB concentrates on what kind of service delivery a PAM implementation can provide to its customers (our employees) to connect benefits for end-users and address identity security at the same time.
We call that Privileged Access Security Service.
From a technical and IAM point of view identity security can only be achieved by securing the respective digital identities and the assigned user accounts in the corresponding target systems.
In the area of IAM/PAM a comprehensive compliance level automatically results in a higher maturity of our information security management. Therefore, we reduce the non-financial risks not only by complying with regulatory requirements but also by adding effective security concepts – such as zero trust or least privilege – to our IAM/PAM ecosystem.
In this session the DKB approach to handle identities and accounts in the context of a Privileged Access Security Service will be presented.
Identity Governance and Administration (IGA)is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.
Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution, that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).
Women in Identity strongly believes there is a need for a global Identity Code of Conduct to address identity exclusion—being excluded from access to identification credentials — that subsequently leads to exclusion from financial services and products.
The Women in Identity team are half way through their research project with the current phase focused on the development of the code of conduct.
This panel will share early look at the guiding principles that will ensure all users of digital identity systems have a consistent and high-quality user experience.
As a global OEM of highly critical and complex industrial devices, managing access to hundreds of millions of IIoT device resources spread across customer sites all around the globe is already a challenging task.
Use cases for providing a digital service platform need to address end customers accessing devices owned by themselves as well as priviledged access for in house and third party analytics applications and serice personnel. A combination of requirements for excelent user experience, authorization management and high performance for cross-tenant queries for endless scenarios can become a nightmare.
The task was to analyze the access requirements, abstract them and then deploy a “Zanzibar” inspired approach to manage access authorizations with a swift and reliable backend architecture, able to handle millions of information assets to be protected against unauthorized access.
Creating a mere access model does not do the full trick - it has to be cleverly designed into data storage structures and queries to achive the required performance goals!
The talk quickly introduces the problem set and then dives deeper into how to implement data storage optimization magic to get quick response times and swift adjustments of authorizations.
While eIDAS 2.0 is still under legislative process, closing to the end, the European Commission prepares the framework for the EUDI Wallet reference implementation, and standardization bodies are working on developing new technical standards.
There is a real need for updated information on all efforts around eIDAS 2.0, as the implementing deadlines are very tight.
The session will shed light on latest developments and impact on the market.
Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.
The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when?
In this session, we will present a new architecture for Identity First Security based on Centralized Access and Authorization Policy Management Platform, and discuss pro and cons, specific real-world implementations.
This presentation will bring together and report on experiences in developing identity and privacy standards that are technically feasible but that also address the lived experience of people trying to negotiate a complicated digital identity space.
This will include an update on the Kantara Initiative Privacy Enhancing Mobile Credentials Work Group, as well as identity consideration in some recent virtual care and electronic health records standards. This will consider the impact of self-sovereign identity on the possibilities for reclaiming individual autonomy.
Vertical risk management and complete identity governance can only be achieved through integration of critical platforms with other systems and applications in use and by either integrating existing point-solutions or reducing their number altogether. Integration of the identity-platform with SAP is one of those major challenges for many organizations today.
One Identity’s approach to this challenge is through a unifying, standard integration into SAP as well as other systems and applications to establish a common GRC framework and security concept. Which includes preventing isolated environments. To establish SAP-internal governance and minimize risk within the platforms privilege landscape most organizations use specialized embedded tools like ECS (Easy Content Solution) from IBS-Schreiber Solution. Integrating the identity management platform with the SAP rule-set administration allows SAP Rule sets to be applied directly, run SoD-analysis fast and efficiently and extend them to other systems and applications, such as MS AD, AAD. The potential value of this approach is significant as it allows a preventive risk-assessment throughout the whole SAP-stack.
This integrative approach also extends to the SAP Firefighter concept for it to be applied to the rulesets and extend these into other systems. The objective is clear: Simplify risk assessment and management, establish a unified identity administration framework and as baseline - reduce cost.
In short – it lays the foundation and framework for solid Governance.
Learn how Raiffeisen Bank International heads toward decentralized identity to empower their customers across Europe and set the gold standard for privacy protection.
The increased mobility of users and their demand for personalized, unified omnichannel access experiences has stretched federated IAM beyond its limits. Meanwhile, the need for organizations to collaborate more to compete, and build communities of trust and value for those same users affordably and securely, cannot be met by existing federated IAM solutions. Learn how Raiffeisen Bank International (RBI) will embrace the new paradigm of decentralized identity to improve existing experiences and create the opportunity for new, valuable user experiences and increased levels of engagement and collaboration withbusiness partners across multiple jurisdictions, without the need to replace their infrastructure. Simultaneously, understand why starting their journey now, enables RBI to future-proof their ecosystem to rapidly support the EU Digital Wallet and official digital credentials that will become available. Get a glimpse into the solution architecture being deployed at RBI and an understanding of the benefits and how they can be communicated to executive leadership and business partners. Yes, decentralized identity may be great for web3 someday; however, learn from RBI how it can also solve today’sproblems in a practical way and work in harmony with existing IAM systems enhancing existing federationplatforms.
This panel will explore the current state of multifactor authentication (MFA) and its limitations, as well as potential solutions for improving the security and user experience of MFA. We will discuss topics such as the challenges of implementing MFA, the limitations of mobile-based MFA, and alternative methods for MFA, such as biometrics and behavioral analysis. The panel will also address the future of MFA, discussing the potential for new technologies to improve security and user experience, and the role of industry and government in shaping the future of MFA. Overall, the panel aims to provide valuable insights and perspectives on the multifactor authentication dilemma and the steps needed to move beyond mobile-based solutions.