Click on the slide!

PCI 3.0 and VISA in 2015

Live Webcast!             Join our expert roundtable as we give some tips to prepare for PCI DSS 3.0 and…

Click on the slide!

Securing Payments in 2015

Live Webcast!             Join us as we explain how to implement EMV, End-to-end encryption (E2EE), and Tokenization.

Frontpage Slideshow (version 2.0.0) - Copyright © 2006-2008 by JoomlaWorks
Martin Kuppinger
KuppingerCole

  • Minimal disclosure becoming reality
    This week, the EU-funded project ABC4Trust, led by Prof. Dr. Kai Rannenberg, Goethe University Frankfurt, announced that they successfully implemented two pilot projects. The target of the project has been what Kim Cameron in his Seven Laws of Identity has defined as law #2, “Minimal disclosure for a constrained use”. It also observes law #1, […]

  • How CSPs could and should help their EU customers in adopting the Cloud
    Many customers, especially in the EU (European Union) and particularly in Germany and some other countries, are reluctant regarding cloud adoption. There are other regions with comparable situations, such as the Middle East or some countries in the APAC region. Particularly public cloud solutions provided by US companies are seen skeptical. While the legal aspect […]

  • Seven Fundamentals for Future Identity and Access Management
    Identity and Access Management is changing rapidly. While the traditional focus has been on employees and their access to internal systems, with an emphasis on the HR system as the leading source for identity information, Identity Management has to address a far more complex environment today. Over the past several years, we have already seen […]

  • Read your cloud contract well: Your cloud service might become disruptive to your business
    There is a lot of talk about disruptive technology and disruptive innovation – not only in the context of fundamental technology changes, but also in the context of innovating your business by being disruptive. Cloud Computing has a potential for fostering such innovation in business, for various reasons: It makes IT services available to organizations […]

  • Amazon opens data center in Germany
    Today, AWS (Amazon Web Services) announced the opening of their new region, located in Frankfurt, Germany. The new facilities actually contain two availability zones, i.e. at least two distinct data centers. AWS can now provide a local solution to customers in mainland Europe, located close to one of the most important Internet hubs. While on […]

  • Mobile, Cloud, and Active Directory
    Cloud IAM is moving forward. Even though there is no common understanding of which features are required, we see more and more vendors – both start-ups and vendors from the traditional field of IAM (Identity and Access Management) – entering that market. Aside from providing an alternative to established on-premise IAM/IAG, we also see a […]

  • SAP enters the Cloud IAM market – the competition becomes even tougher
    The market for Cloud IAM and in particular Cloud User and Access Management – extending the reach of IAM to business partners, consumers, and Cloud applications through a Cloud service – is growing, both with respect to market size and service providers. While there were a number of start-ups (such as Ping Identity, Okta and […]

  • From preventive to detective and corrective IAM
    Controls in security and GRC (Governance, Risk Management, and Compliance) systems are commonly structured in preventive, detective, and reactive controls. When we look at IAM/IAG (Identity and Access Management/Governance), we can observe a journey from the initial focus on preventive controls towards increasingly advanced detective and corrective controls. Initially IAM started with a preventive focus. […]

  • Can EU customers rely on US Cloud Providers?
    The recent US court decision has added to the concerns of EU customers (and of other regions such as APAC) regarding the use of Cloud services from US-based providers. The decision orders Microsoft to turn over a customer’s emails stored in Ireland to the US government. The decision required the company to hand over any […]

  • IBM to acquire CrossIdeas – further expanding its IAM/IAG portfolio
    A while ago I blogged about IBM being back as a leader in the IAM/IAG (Identity Access Management/Governance) market. Today the news that IBM is to acquire CrossIdeas, an Italian vendor in the Access Governance market, hit the wire. CrossIdeas is a key player in Access Governance in its home market, but also had some […]

  • More questions IAM buyers should ask
    Earlier this year, I published the Buyer’s Guide: Access Governance and Provisioning. That document provides condensed information about key selection criteria for Identity Provisioning and Access Governance products, while also posing questions that buyers should ask of vendors. I focused on “top 10 non-functional selection criteria” or “top 10 questions to ask the vendors”. As […]

  • Extending your Active Directory to the Cloud
    Most organizations have a Microsoft Active Directory in place. The Active Directory (or, in short, AD) builds the foundation of their on-premises infrastructure for managing users, performing their primary network authentication and authentication to AD-integrated applications such as Microsoft Exchange Server, and some network infrastructure services including client configuration management based on Group Policies. AD […]

  • Dynamic Authorization Management and ABAC: The journey is the reward
    Chinese philosopher Confucius is said to be the originator of the saying “the journey is the reward”. What does it mean? In its historic meaning, it says that by moving forward people will benefit, even while they might not reach perfection. Applied to projects, it means that continuous improvements, new understandings and small successes over […]

  • How to identify attacks? Know your enemies – and what they already might do.
    In a panel discussion I had at EIC 2014 with Roy Adar, Vice President of Product Management at CyberArk, Roy brought up an interesting number: according to research, attacks start on average 200 days before they are detected. Taking into account the Gaussian distribution behind this average, some attackers might have been active for years […]

  • The Future of Corporate IT
    When looking at today’s IT, it is driven by some major evolutions. Everything which is done in IT has to take these evolutions into account. One is Social Computing. The second evolution is Mobile Computing. The third evolution is Cloud Computing. All these trends affect IT fundamentally. The consumerization and deperimeterization of IT are logical […]