Compliance requirements of large enterprise customers are too complex to satisfy with organically grown role management software. As a result, it appears that the role management acquisition storm is starting. With BridgeStream acquired by Oracle and now Vaau by Sun, enterprise role maintenance is finally coming of age and will be part of Sun's Identity Management portfolio. Vauu's large number clients will continue to demand vendor agnostic solutions from RBACx, and although Sun has traditionally been one of the strongest players in the market of multi-OS vendors, it remains to be seen how Sun will handle the multiplatform challenge and keeping RBACx alive non-Sun operating systems. System integrators now have one less choice for picking an independent role magagement vendor. Eurekify, BHOLD, and Omada will likely now to receive acquisition offers from other large IAM suite vendors trying to complete their provisioning role management portfolio.
The consolidation of the IAM market is not a new phenomenon and has been following the following pattern: a large software company with a follower IAM product set acquires a smaller IAM vendor with a proven track record to update the IAM product and services portfolio and to secure increased market presence. The acquisition of Securent by Cisco is fairly different and highlights the following trends: 1) Entitlement Management is needed so much by the market that Cisco – even though it has not traditionally been a player in the IAM space – enters the market first with an Entitlement Management product. It is surprising, as only CA has an EM product today – all other IAM vendors are still trying to build their own as the other serious competitors on the EM market, BEA ALES is not for sale as a startup. 2) Entitlement Management may be moving (along with to IAM) to operations and to the network protocol level. In fact, Cisco intends to incorporate the Secucent EMS product into the policy engine of their SONA architecture. Policy Enforcement Points (PEP) are currently implemented at the application endpoint. With this acquisition, in the future customers can implement hybrid PEPs distributed between the network and the application, thus starting to move non-business policy logic into the infrastructure layer.
Backup is a struggle for both enterprises and small and medium businesses. It’s a complex ecosystem of backup software, networks, servers, disk arrays, and tape systems. Most companies report they are having difficulty completing backups in the time available and when backups fail or complete with errors, it’s often very difficult to discover the root cause. Couple those troubles with the fact that the amount of data that you need backed up is growing conservatively at 30% to 50% per year. Aside from these challenges, most companies are also interested in keeping backups longer for version history and companies are interested in the ability to perform much faster restores if they could.
Given the headaches associated with backup, many small and medium business and even some enterprises are choosing to outsource their backups all together to a service provider. There are already numerous players in the marketplace from Evault (which is resold by a number of different service providers) to Iron Mountain, to your telecommunication provider, and to emerging entrants such as Berkeley Data Systems and its Mozy service offering. This opportunity is so huge that even Symantec (which acquired Veritas) launched a beta of its own online backup service called the Symantec Protection Network. EMC’s acquisition of Berkeley Data Systems is just further proof that the online backup market is a huge opportunity.
I’m not usually one for ‘this-could-happen-to-you’ stories, but I’m still having trouble getting over last month’s story about grocery giant Tesco having to turn over 11 million emails to the UK’s Competition Commission for their investigation into possible anti-competitive practices against its suppliers.
Part of a successful Identity Management (IdM) project is a successful role discovery and mapping phase. Many organizations -- after having mapped and optimized their business processes -- turn to role design and management solutions (VAUU RBACx, BHOLD, Oracle's BridgeStream, and others). While these solutions give a great initial insight into the existing role structure, they are not the only source of role interrelationship information. Role design can build
many other sources: demographics mined from helpdesk tickets from users requesting access, job descriptions, quality management systems (it certain cases this is wishful thinking...), and increasingly from Enterprise or Desktop eSSO solutions (PassLogix, ActivIdentity, CA). eSSO solutions store multiple login credentials for users to multiple applications. As such, extracting account linkage, mapping and correlating user IDs between user repositories based
access information built by end-users is much more reliable than any artificial role mining logic, usually based
While I was looking through current offerings in Entitlement Management (EM), I was struck with the questions that will likely be the next logical thoughts in the CIO’s mind after they are sold on the obvious ROI of an EM solution.