For Security & Risk Professionals

The Forrester Wave™: Identity And Access Management, Q4 2009

Oracle, CA, And IBM Lead, With Novell And Sun Microsystems Close Behind

by Andras Cser, November 3, 2009

In Forrester's 79-criteria evaluation of identity and access management (IAM) vendors, we found that Oracle, CA, and IBM lead the pack because of a rich IAM portfolio (both organically developed and acquired), an understanding of a rapidly changing market, . . .

For Security & Risk Professionals

Oracle Buys Sun Microsystems — And Its Identity Management Portfolio

What To Look For From Oracle, And How To Respond

by Andras Cser, October 13, 2009

Oracle's acquisition of Sun Microsystems' identity management (IAM) portfolio was largely unintended — the assets that lured Oracle to buy Sun were Java and its hardware business. Once the acquisition closes, Forrester expects that Oracle will migrate . . .

For Security & Risk Professionals

Case Study: Ingres Takes Advantage Of Identity Management In The Cloud

by Andras Cser, August 14, 2009

Ingres, an open source database software and support services provider, knew that it needed to reform its online community by improving its ease of use, particularly in the area of identity management. After deciding to explore the use of a cloud-based . . .

For Security & Risk Professionals

Best Practices: Identity Management In The Cloud

by Andras Cser, August 14, 2009

Many companies are struggling to adopt cloud-based identity and access management (hosted IAM) because they typically end up overscoping this initiative or have a difficult time getting funding for it in the current economic climate. Organizations that . . .

For Security & Risk Professionals

Active Directory Q&A: Demand Rises

Directory Consolidation Saves On Administrative Costs, Eases Provisioning

by Andras Cser, August 11, 2009

For the past 10 years, Active Directory (AD) has remained the backbone of identity infrastructures. Organizations continue to struggle with consolidating AD domains across the enterprise and centralizing ownership for them. Business partners' information . . .

For Security & Risk Professionals

Hosted Identity Is Real — Are You Ready For It?

by Andras Cser, April 17, 2009

Identity and access management (IAM) projects have long been plagued with their long implementation times, high services-to-license ratios, integration challenges, labor-intensive build-out and operations, and long wait times to produce compliance and . . .

For Security & Risk Professionals

Market Overview: Enterprise Role Management

Access Recertification And Role Management Converge, Integrate With Provisioning

by Andras Cser, February 6, 2009

Enterprise role management, role mining, and access recertification help enterprises with maintaining segregation of duties, keeping up with regulatory compliance requirements, and automating role-based provisioning to enterprise applications — even through . . .

For Security & Risk Professionals

Identity And Access Management Mitigates Risks During Economic Uncertainty

Using Identity And Access Management To Protect Your Business

by Andras Cser, January 26, 2009

Any economic downturn brings new risks to your organization. As it becomes clear that your business is struggling, nervous employees who fear downsizing may be tempted to gain unauthorized access to sensitive information stored across applications. Using . . .

For Security & Risk Professionals

Inquiry Spotlight: Identity And Access Management, Q4 2008

by Andras Cser, October 6, 2008

Identity and access management (IAM) continues to be a major topic of interest for security professionals. Between July 2007 and June 2008, Forrester's security and risk management team fielded 1,798 inquiries on a variety of topics — 291 of which were . . .

For Security & Risk Professionals

Best Practices: Enterprise Role Management

by Andras Cser, September 30, 2008

Enterprise role management plays a central role in efficiently managing access rights and enforcing access policies such as segregation of duties (SoD). The processes and tools related to role management consist of role mining and design, recertification, . . .

For Security & Risk Professionals

Case Study: North American Financial Services Company Defines An RBAC Vision And Services

by Andras Cser, August 28, 2008

A North American financial services company implemented the enterprise role management system by first assessing the current situation, laying out a formal role-based access control (RBAC) and governance vision, selecting a role management platform, setting . . .

For Security & Risk Professionals

Privileged User Management Market Overview

Centrally Managing System Administrator And Application Credentials

by Andras Cser, June 30, 2008

Managing privileged users' access to sensitive systems needs to be centralized, policy-driven, and automated: Manual paper- or spreadsheet-based solutions are insecure, expensive, don't scale, and can't be sufficiently audited. Privileged user and password . . .

For Security & Risk Professionals

Forrester TechRadar™: Identity And Access Management, Q2 2008

Market Seeks Solutions That Support Business And IT Flexibility And Compliance

by Andras Cser, June 18, 2008

Identity and access management (IAM) continues to be a fragmented field of disjointed technologies with difficult and expensive implementation cycles and even more costly efforts in the wake of bad technology decisions. Products that give quick answers . . .

For Security & Risk Professionals

Topic Overview: Identity And Access Management

by Andras Cser, April 14, 2008

Identity and access management (IAM) is the entire aspect of maintaining a person's complete set of information, spanning multiple identities and establishing the relationship among these various identities with the goal of improving data consistency, . . .

For Security & Risk Professionals

Identity-Management-As-A-Service

The Evolution Of Identity Management

by Andras Cser, April 2, 2008

Redesigning the enterprise architecture for identity and access management (IAM) is an important task. As organizations' requirements become more complex, and to keep administrative costs down, IAM functionality needs to be increasingly externalized from . . .

For Security & Risk Professionals

The Forrester Wave™: Identity And Access Management, Q1 2008

Oracle Emerges As Leader, With IBM, Sun Microsystems, Novell, And CA Close Behind

by Andras Cser, March 14, 2008

Forrester evaluated leading identity and access management (IAM) vendors across 117 criteria and found that Oracle has established itself as the IAM market Leader due to its solid technology base across the IAM landscape and its compelling, aggressive . . .

For Security & Risk Professionals

Understanding The Identity Management Market To Make Better Planning Decisions

by Andras Cser, Jonathan Penn, March 6, 2008

Organizations need quantified guidance on how adoption of specific identity and access management (IAM) technologies is succeeding in order to be able to plan their projects. Forrester examined the market adoption and future growth of a broad range of . . .

For B2B Market Research Professionals

Identity Management Market Forecast: 2007 To 2014

Provisioning Will Extend Its Dominance Of Market Revenues

by Andras Cser, Jonathan Penn, February 6, 2008

The identity management — or identity and access management (IAM) — market will grow from nearly $2.6 billion in 2006 to more than $12.3 billion in 2014 (including revenues from both products and implementation services). Provisioning accounts for half . . .

For Security & Risk Professionals

The State Of Federation

by Andras Cser, September 27, 2007

Federated identity is a topic of widespread interest — yet the level of interest outpaces the market's embrace of the technology. Federation's current adoption rate (less than 5%) is indicative of process and technology issues: difficulties in forming . . .

For Security & Risk Professionals

User Account Provisioning For The Midmarket

Why Projects Fail And How To Achieve Success

by Andras Cser, August 20, 2007

Smaller enterprises (those with 1,000 to 5,000 employees) are an underserved market when it comes to user account provisioning. They are large enough to benefit from the efficiencies and controls that the technology provides, but they are not large enough . . .