For Security & Risk Professionals

Active Directory Q&A: Demand Rises

Directory Consolidation Saves On Administrative Costs, Eases Provisioning

by Andras Cser, August 11, 2009

For the past 10 years, Active Directory (AD) has remained the backbone of identity infrastructures. Organizations continue to struggle with consolidating AD domains across the enterprise and centralizing ownership for them. Business partners' information . . .

For Security & Risk Professionals

Forrester TechRadar™: Identity And Access Management, Q2 2008

Market Seeks Solutions That Support Business And IT Flexibility And Compliance

by Andras Cser, June 18, 2008

Identity and access management (IAM) continues to be a fragmented field of disjointed technologies with difficult and expensive implementation cycles and even more costly efforts in the wake of bad technology decisions. Products that give quick answers . . .

For Infrastructure & Operations Professionals

The Forrester Wave™: Active Directory Management Solutions, Q4 2007

NetPro And Quest Software Lead, With NetIQ Close Behind

by Christopher Voce, December 6, 2007

Forrester evaluated leading Active Directory management solution vendors across 82 criteria and found that Quest Software and NetPro lead in Active Directory management. Quest provides the most complete set of capabilities across its product suite. NetPro . . .

Justifying E-SSO: Benefits Beyond The Help Desk

Identity Management And Security That Makes Users' Lives Easier

by Jonathan Penn, July 6, 2006

Investment in enterprise single sign-on (E-SSO) delivers much more than tactical help desk returns. Yes, E-SSO improves the user experience in accessing IT systems; but at the same time, it enforces security policies around authentication and facilitates . . .

The State Of FFIEC Compliance: Indecision And Worry

But Consolidation Will Bring Clarity To The Industry's Ultimate Direction

by Jonathan Penn, May 5, 2006

At the half-way point toward the deadline for FFIEC compliance, most banks have not yet acted on selecting, much less implementing, solutions to strengthen online authentication. When it comes to picking a technology to improve online security, banks . . .

Aligning Data Protection Priorities With Risks

by Jonathan Penn, April 13, 2006

In December 2005, Forrester surveyed 83 technology decision-makers about their approaches to securing personal data. Eighty-six percent of companies consider network and system vulnerabilities a high priority in their data protection efforts, and security . . .

VeriSign Goes VIP

A Good Alternative, But Not The Consumer Authentication Panacea

by Thomas Raschke, April 7, 2006

VeriSign recently introduced its VIP service, which includes both a shared two-factor authentication service and a fraud detection service. While the concept is not new, its non-proprietary approach nevertheless holds the potential to provide simple, . . .

Trends 2006: Online Banking Retail Customer Authentication In Europe

by Martha Bennett, March 6, 2006

European banks are continually reviewing the way they authenticate their retail online banking customers and the transactions they make, and many of them are seeking to strengthen existing mechanisms. The approaches banks are taking vary widely, and reflect . . .

Trends 2006: Identity Management

by Jonathan Penn, February 14, 2006

This year, the primary driver for enterprise investment in identity management will shift from compliance to security and, specifically, to information protection. Compliance will continue to strongly influence market direction, but firms will focus on . . .

IBM Addresses Complex Provisioning Needs With Open And Flexible Solution

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

IBM Tivoli Identity Manager (TIM) has improved significantly during the past few years. IBM has opened up the product to ease integration and customization; it has also improved the manageability and flexibility of roles, policies, and delegation. This . . .

Hewlett-Packard Offers Standards-Based, Scalable Provisioning

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

HP OpenView Select Identity has the foundation to be a market-leading product. It has a near-religious commitment to Java and XML standards, and the architecture has been well proven in several large deployments. The absence of a few key features underscores . . .

Novell Provisioning Excels At Managing Data And Policies

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

Novell Identity Manager has solid overall functionality, with notable strengths in data management — thanks to its metadirectory underpinnings. Some of Novell's more advanced workflow and self-service features require a bit more configuration and customization . . .

Microsoft Focuses On Provisioning To Core Infrastructure

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

Microsoft Identity Integration Server (MIIS) is a good tool for coarse-level user administration across a fairly narrow set of systems. It represents a simple, low-cost alternative to heavyweight provisioning products for Microsoft-centric environments . . .

Thor Technologies Offers A Standalone, Enterprise-Class Provisioning Solution

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

Thor Technologies has one of the most functionally rich solutions of all the provisioning products that Forrester evaluated. Its only weaknesses were Xellerate Identity Manager's lack of a track record in large deployments supporting several hundred thousand . . .

BMC Software Brings Powerful Security And Compliance Features To Provisioning

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

BMC Software is far along in its efforts to modernize its provisioning solution. Its new package, BMC User Administration and Provisioning, boasts improvement in the areas of workflow, user administration, and password management. The solution retains . . .

Sun Leads In Provisioning, Offering Both High Functionality And Ease Of Use

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

By a large margin, Sun Java System Identity Manager came in as the most function-rich solution in Forrester's evaluations. The product led all of its competitors in several categories: connector functionality, policy management, auditing, and architecture. . . .

CA Provisioning Delivers Strong Auditing And Administration Atop A Robust Architecture

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

eTrust Admin is a solid, all-around product — strong on architecture and auditing. The integration of Netegrity's IdentityMinder addresses prior shortcomings in user administration and password management. CA has a rich and unique portfolio of integrated . . .

The Forrester Wave™: User Account Provisioning, Q1 2006

Sun Microsystems Leads In Our Product Evaluation

by Jonathan Penn, January 30, 2006

Forrester evaluated leading user account provisioning vendors across 125 criteria and found that Sun Microsystems is a market leader for a reason — its product delivers superior provisioning functionality with the highest ease of use. BMC Software . . .

Courion Offers An Independent And Highly Interoperable Provisioning Solution

The Forrester Wave™ Vendor Summary, Q1 2006

by Jonathan Penn, January 30, 2006

Courion's Enterprise Provisioning Suite has far more functionality than just the excellent set of self-service features you would expect from a company founded upon password management. But implementing some of these more sophisticated provisioning features . . .

RSA Broadens Positioning With Cyota Acquisition

by Jonathan Penn, January 27, 2006

With the purchase of Cyota, RSA Security will be able to capitalize on the efforts of banks — especially those within the US — to enhance online security. Cyota's lightweight customer authentication solution will also help RSA broaden its positioning . . .

Online Banking Security: Give Customers More Control And Reassurance

by Martha Bennett, January 4, 2006

In their approach to security, many banks fail to take into account one key ingredient that is required for online banking to be successful: the customer. Most current online banking environments miss critical elements that serve to reassure the customer . . .

Oracle Doubles Down On Identity Management

With OctetString And Thor, Oracle Becomes A Major Market Player

by Jonathan Penn, November 17, 2005

With the purchases of Thor Technologies and OctetString, Oracle takes a big position in the identity management market. This long-awaited move poses challenges for Oracle: The apps giant must differentiate itself in a crowded market that includes software . . .

FFIEC Tells Banks To Formally Assess Fraud Risk

No Specific Requirement That Banks Adopt Strong Authentication

by Jonathan Penn, October 25, 2005

The Federal Financial Institutions Examination Council (FFIEC) issued new guidelines on online authentication, acknowledging that passwords are insufficient as the sole means of security. The new guidelines do not mandate any specific technology, but . . .

Strong Authentication And Enterprise Single Sign-On Go Hand In Hand

by Jonathan Penn, September 21, 2005

Use of strong authentication for employees is proliferating, fueled by regulatory and partner security requirements, hackers' exploitation of password weaknesses, and government initiatives around homeland security. The implementation challenges of strong . . .

ActivCard Acquires Protocom: Good Move

Upgrade To Enterprise Single Sign-On Boosts ActivCard's Strong Authentication

by Jonathan Penn, August 1, 2005

The acquisition of a leading enterprise single sign-on (eSSO) vendor gives ActivCard the necessary technical grease to ease its strong authentication solutions into enterprises and government organizations. With eSSO, ActivCard gains a notable advantage . . .