02:08 PM

Identity And Access Management Market Heats Up

The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.

It's been a busy week in the identity and access management (IDAM) space.

Earlier this week, IBM announced its acquisition of Lighthouse Security Group, with an eye towards building out its identity management business. In the deal, IBM got a cloud-based platform that includes a suite of functionality based on IBM's Security Identity and Access Management capabilities, including user provisioning, identity life cycle governance, and single sign-on.

But that was not the only acquisition announced this week dealing with identity and access management in the cloud. Kaseya also announced its purchase of Scorpion Software this week, with the goal of delivering Scorpion's AuthAnvil product through the Kaseya cloud.

"I think it's clear there's a lot more interest these days in delivering identity management as a service because it’s a lot less complex," says Garrett Bekker, senior analyst with 451 Research. "You can hand off a lot of the complexity to the service provider and you don’t have to deal with it."

The exact financial details of both the IBM deal for Lighthouse Security Group and Kaseya's acquisition of Scorpion Software were not disclosed.

According to Bekker, the identity management as a service (IDaaS) space is nascent but growing.  

"I think these acquisitions to some extent indicate there's more interest in … managing identity through the cloud," he says. "So I think or we think there's going to be more M&A [merger and acquisition] activity around identity and I think it's fair to say a good portion of that will involve companies who have some way of delivering identity and access management services through a cloud-based model."

Jim Reavis, CEO of the Cloud Security Alliance (CSA), says IAM in the cloud has tremendous market potential as cloud consumers look to federate corporate identity stores with hundreds and even thousands of the cloud services they use. This reality increases the need for strong authentication and identity-aware network security services, he adds.

Beyond IBM's purchase of Lighthouse Security Group and Kaseya snapping up Scorpion Software, the IAM space has seen other significant moves of late as well: Technology investment firm Thoma Bravo agreed to invest in SailPoint, which specializes in identity and access management both in the cloud and on-premises. IBM last month also acquired Italy-based CrossIdeas with the stated goal of delivering next-generation identity and access governance capabilities to combat access risks and segregation of duty violations.

"The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities," says Brendan Hannigan, General Manager of IBM Security Systems, in a prepared statement. "IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."


Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
3/13/2015 | 3:18:18 AM
Re: IDAM Identity
You have done really informative post. I think it's a great research on it and you have mentioned some tips regardign research in this post. Keep sharing.
William L. Lind
William L. Lind,
User Rank: Apprentice
8/16/2014 | 5:18:01 AM
Re: IDAM Identity
The management market heats the target group of people and the target clients. The IBM helps to understand the policy and the strategy by which the customers will get the most possible benefits from this IBM tool. The best paper writing service oceanreview will help to identify the best sites among the tons of the sites available in the market.
Kelly Jackson Higgins
Kelly Jackson Higgins,
User Rank: Strategist
8/15/2014 | 3:40:19 PM
IDAM Identity
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio