KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Results from a recenty published KuppingerCole Leadership Compass on Consumer Identity and Access Management Platforms
When organizations start looking at managing consumer identities in a more consistent, integrated way, they quickly observe the challenge that many parties are involved. Sales owns the CRM, marketing might own the consumer-facing web-sites and apps, while the Information Security or a dedicated IAM (Identity and Access Management) team will claim the responsibility for technically managing identities, their authentication, and their access. And when we start talking about KYC, Corporate Audit also comes into play. Not to forget the Chief Digital Officer (CDO) and some other parties. To succeed with Consumer Identity Management, CIAM, and KYC, organizations need to define responsibilities and rethink their organizational structures. They have to make decisions, both at the organizational level and at the technical levels. Decisions bear consequences. Splitting Enterprise IAM and Consumer IAM might lead to disparate, complex-to-integrate IT environments, but might bring the agility needed in the Digital Transformation. Having too many stakeholders might result in slowdowns of projects, killing the agility you need in the Digital Transformation. Lacking an integrated approach might result in security and compliance risks as well as overly high investments into technology.
Potential advantages of cloud services over on-premise solutions, like cost savings and higher resilience, are even more significant when it comes to large scale use cases like managing your customers´ identities. In this talk, Kim Cameron guides you through experiences and conclusions from a number of recent implementations and provide you with insights on how CIAM will evolve over the coming years.
Azure AD is here. It can act as a domain controller. It helps you managing your partners. It is ready-made for managing your customers. The application proxy builds the bridge back to your on-premise applications. That raises an important question for all organizations running AD on-premises: What is the future role for on-premise AD? What is the right strategy? Who can and should get rid of on-premise AD now or in the near future, who should focus on a hybrid strategy? Where is the overlap?
Security breaches and cyber attacks have become a daily occurrence. Worse, in some cases it can take an organization months to realize they’ve been breached. Open the pages of the latest breach forensic report and you will find a litany of basic IAM errors that read like a horror story. Many companies are missing the basic IAM best practices that can help prevent, detect and mitigate attack. In this session, SailPoint's CTO Darran Rolls presents the anatomy of a typical cyber attack and explains where and how IAM controls should be applied to better enable close-loop cyber protection for enterprise systems. You may not be able to prevent an attack, but you can minimize the damage and your exposure.
In most cases, the terms Industry 4.0 and Industrial Internet of Things (IIoT) are used interchangeably. But these two terms, though referring to similar technologies and applications, have different origins and meanings. Industry 4.0 is focused specifically on the manufacturing industry and the goal of ensuring its competitiveness in a highly dynamic global market. The IIC is more focused on enabling and accelerating the adoption of Internet-connected technologies across industries, both manufacturing and non-manufacturing. That’s why it’s important to understand the differences between Industry 4.0 and the "Industrial Internet of Things" and where our mindset and approaches best fit.
We are on the brink of a machine learning revolution in which computers won't just speed up existing security processes but enable the automation of processes and decisions too complex for the human mind to imagine. The machine-reengineering revolution will leverage powerful algorithms and the immense lakes of organizational data to drive changes in business processes that will fundamentally change the way security is managed. This session provides an overview of machine learning and big data technologies as they apply to Identity and Access Management.
In this session, find out how customer-obsessed businesses are increasing their audiences and creating trusted, customized experiences across devices and platforms in exchange for first-party data. We provide case studies of how leading brands are leveraging customer identity and access management (CIAM) to create personal relationships at scale while maintaining high degrees of data privacy and security.
Big Data meets Security: Analyzing systems logs to understand behavior has become one of the main applications of big data technology. Open source initiatives as well as commercial tools and applications for big data integration, collection and analytics become more important building blocks of cyber attack resilience through better collection and analysis of very large sets of log and transaction data, real-time analysis of current events and potentially also prediction of future behavior.
Last year we had our first discussion of risk and value related to IoT. Over the last 12 months we have gone from “What is this IoT?” to IoT becoming a driver of digital transformation. All of the major platform (PaaS) players have made IoT a key part of their strategies. In this session Jackson will highlight how the IoT landscape has changed from a risk & security perspective for both consumers and enterprises, how it is driving digital transformation and why it is even more important for you to be planning your IoT strategy now.
The Cloud is turning out to have important “emergent properties” – features not previously observed in computing systems, never imagined by cloud architects, and not yet widely discussed or understood. They will be key to determining which strategies prevail in meeting cloud era challenges. Kim Cameron discusses how this impacts the world of identity – leading to better applications and simpler identity solutions for people and things.
We all understand that the concept of username/password to control access is insecure and out of date in a world where anything is connected and a new approach is needed. But how can we make the password obsolete?
KuppingerCole's Founder and Principal Analyst Martin Kuppinger provides his summary of this year's European Identity & Cloud Conference.
The European Identity & Cloud Awards honor outstanding projects and initiatives in Identity & Access Management (IAM), Governance, Risk Management and Compliance (GRC), as well as Cloud Security. Numerous projects have been nominated by vendors and end-user companies during the last 12 months. Winners have been chosen by KuppingerCole Analysts among the most outstanding examples of applications and ideas in the areas of IAM, GRC, and Cloud security. Do not miss this glamorous ceremony where KuppingerCole honors the winners of seven categories and one Special Award.
Thank you for attending the European Identity & Cloud Conference 2016. See you next year!
The cloud is coming to your business, like it or not. With cloud-based systems come inherent challenges. These are further complicated as personal data subject to privacy regulation inevitably moves into the cloud. This combination, putting private information into the cloud, creates risk which must be understood and managed. Is data privacy in the cloud a business issue? We will de-mystify the complexity of cloud-based systems and their inherent risks, enabling appropriate technical and administrative safeguards to be put in place.
Don’t only survive the Digital Transformation. Become the Transformational Leader.
There rarely has been so much disruptive change driven by innovations in IT ever before. Distributed Ledgers and Blockchain are at the forefront of these changes and will massively impact the business models of many organizations, well beyond the Finance industry and FinTechs. IoT is becoming a standard element, closely connected to Smart Manufacturing and Industry 4.0. Again, business processes and business models will change massively in the hyper connected world.
We see a development towards the open enterprise with multiple access points to critical information. At the same time, customers and consumers want to make sure their information is kept confidential and secure. As result, there is an increasing focus on identity and access management. Cyber security and data privacy have become an imperative for any organization.
Governments can use policy to drive market behavior. When it comes to the issue of Trust, those policies have been on the increase globally. The EU PSD2, Network and Information Security (NIS) Directive and General Data Protection Regulation (GDPR) combined with the US Cyber Threat Info Sharing are just some examples.
Remember when we used to pay for a TCP/IP stack? It’s hard to believe that companies used to pay for networking stacks, but we did. And once network stacks became free, the networking profession didn’t die out… instead it flourished. Today, the identity industry is going through a similar transformation, one which will present a series of moments upon which we must capitalize.
Everyone operates on the risk-reward continuum. It's true for CEOs, CMOs, CPOs, CIOs...and consumers. What does this mean for each of them in a digitally connected world, when the lines have blurred not only between organization A and organization Z, but also between cars and clouds, washing machines and webs, cradles and cybernets? With new consent regulations, standards, and tools on the scene, now is the time to think strategically about solutions that don't force awkward compromises when it comes to privacy, business growth, and consumer trust.
People are the weak link in security. Most data breaches start with bad actors using stolen user credentials and this is fundamentally an identity problem. For too long Identity & Access Management has been viewed as silo often walled off from the security group but this must change. Now, more than ever Identity & Access Management must be viewed as a key security control that can help minimize and mitigate security intrusions.
It is probably the greatest group of current and former analysts with IAM focus from all around the world who will come together for this plenary panel at EIC 2016 and discuss the future of identity & access management in the Age of Digital Transformation, where agility is key and cyber threats increase pressure on the availability of solid and reliable identity services and processes.
Tune in to PATECCOs interview with Martin Kuppinger in regards to managing Customer and Partner Identities in a hybrid world.
Listen to some Do’s and Don’ts out of previous projects.
Security is as Security does. It is it’s own benefit and it’s own justification. We need to use shock and awe tactics to get the business to do what we want to ensure the security of the business.
Right?
NO! We are not the special flower of the business, we are just one part of it, working in harmony with the others. We help the business do more, better, and for less just like everyone else. So if we can’t shock and awe, and if we no longer have special privileges, how can we be more effective?
Trust always involves some level of vulnerability on the actions of another. When we trust others, we are relying on them and consequently we are making ourselves more vulnerable. A bit naively, some scholars argue that trust decisions are based on a cost/benefit analysis, which is maybe theoretically true but it rarely happens in real life. In reality, many other elements play an important role, and they are critical in the case of the blockchain. "In a wilderness of mirrors. What will the spider do?" (Gerontion, T.S. Eliot 1920)
New thinking is required with regards to identity management for forced migrants and the role supranational institutions can play to help solve some of the problems regarding aid distribution and settlement.
When cyber attackers can bring down something as impactful as the power grid, the way we think about security needs to change.
Michael Kleist of CyberArk explains more.
The European Identity & Cloud Conference 2016, taking place May 10 – 13, 2016 at the Dolce Ballhaus Forum Unterschleissheim, Munich/Germany, is Europe’s leading event for Identity and Access Management (IAM), Governance, Risk Management and Compliance (GRC), as well as Cloud Security. For the 10th time KuppingerCole brings together exhibitors and more than 600 participants including most of Europe’s and the world’s leading vendors, end users, thought leaders, visionaries and analysts.
