Cloud
8/15/2014
02:08 PM
50%
50%

Identity And Access Management Market Heats Up

The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.

It's been a busy week in the identity and access management (IDAM) space.

Earlier this week, IBM announced its acquisition of Lighthouse Security Group, with an eye towards building out its identity management business. In the deal, IBM got a cloud-based platform that includes a suite of functionality based on IBM's Security Identity and Access Management capabilities, including user provisioning, identity life cycle governance, and single sign-on.

But that was not the only acquisition announced this week dealing with identity and access management in the cloud. Kaseya also announced its purchase of Scorpion Software this week, with the goal of delivering Scorpion's AuthAnvil product through the Kaseya cloud.

"I think it's clear there's a lot more interest these days in delivering identity management as a service because it’s a lot less complex," says Garrett Bekker, senior analyst with 451 Research. "You can hand off a lot of the complexity to the service provider and you don’t have to deal with it."

The exact financial details of both the IBM deal for Lighthouse Security Group and Kaseya's acquisition of Scorpion Software were not disclosed.

According to Bekker, the identity management as a service (IDaaS) space is nascent but growing.  

"I think these acquisitions to some extent indicate there's more interest in … managing identity through the cloud," he says. "So I think or we think there's going to be more M&A [merger and acquisition] activity around identity and I think it's fair to say a good portion of that will involve companies who have some way of delivering identity and access management services through a cloud-based model."

Jim Reavis, CEO of the Cloud Security Alliance (CSA), says IAM in the cloud has tremendous market potential as cloud consumers look to federate corporate identity stores with hundreds and even thousands of the cloud services they use. This reality increases the need for strong authentication and identity-aware network security services, he adds.

Beyond IBM's purchase of Lighthouse Security Group and Kaseya snapping up Scorpion Software, the IAM space has seen other significant moves of late as well: Technology investment firm Thoma Bravo agreed to invest in SailPoint, which specializes in identity and access management both in the cloud and on-premises. IBM last month also acquired Italy-based CrossIdeas with the stated goal of delivering next-generation identity and access governance capabilities to combat access risks and segregation of duty violations.

"The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities," says Brendan Hannigan, General Manager of IBM Security Systems, in a prepared statement. "IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."

 

Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
William L. Lind
50%
50%
William L. Lind,
User Rank: Apprentice
8/16/2014 | 5:18:01 AM
Re: IDAM Identity
The management market heats the target group of people and the target clients. The IBM helps to understand the policy and the strategy by which the customers will get the most possible benefits from this IBM tool. The best paper writing service oceanreview will help to identify the best sites among the tons of the sites available in the market.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/15/2014 | 3:40:19 PM
IDAM Identity
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8802
Published: 2015-01-23
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.

CVE-2014-9623
Published: 2015-01-23
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quote and cause a denial of service (disk consumption) by deleting an image in the saving state.

CVE-2014-9638
Published: 2015-01-23
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CVE-2014-9639
Published: 2015-01-23
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

CVE-2014-9640
Published: 2015-01-23
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.