Cloud
8/15/2014
02:08 PM
50%
50%

Identity And Access Management Market Heats Up

The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.

It's been a busy week in the identity and access management (IDAM) space.

Earlier this week, IBM announced its acquisition of Lighthouse Security Group, with an eye towards building out its identity management business. In the deal, IBM got a cloud-based platform that includes a suite of functionality based on IBM's Security Identity and Access Management capabilities, including user provisioning, identity life cycle governance, and single sign-on.

But that was not the only acquisition announced this week dealing with identity and access management in the cloud. Kaseya also announced its purchase of Scorpion Software this week, with the goal of delivering Scorpion's AuthAnvil product through the Kaseya cloud.

"I think it's clear there's a lot more interest these days in delivering identity management as a service because it’s a lot less complex," says Garrett Bekker, senior analyst with 451 Research. "You can hand off a lot of the complexity to the service provider and you don’t have to deal with it."

The exact financial details of both the IBM deal for Lighthouse Security Group and Kaseya's acquisition of Scorpion Software were not disclosed.

According to Bekker, the identity management as a service (IDaaS) space is nascent but growing.  

"I think these acquisitions to some extent indicate there's more interest in … managing identity through the cloud," he says. "So I think or we think there's going to be more M&A [merger and acquisition] activity around identity and I think it's fair to say a good portion of that will involve companies who have some way of delivering identity and access management services through a cloud-based model."

Jim Reavis, CEO of the Cloud Security Alliance (CSA), says IAM in the cloud has tremendous market potential as cloud consumers look to federate corporate identity stores with hundreds and even thousands of the cloud services they use. This reality increases the need for strong authentication and identity-aware network security services, he adds.

Beyond IBM's purchase of Lighthouse Security Group and Kaseya snapping up Scorpion Software, the IAM space has seen other significant moves of late as well: Technology investment firm Thoma Bravo agreed to invest in SailPoint, which specializes in identity and access management both in the cloud and on-premises. IBM last month also acquired Italy-based CrossIdeas with the stated goal of delivering next-generation identity and access governance capabilities to combat access risks and segregation of duty violations.

"The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities," says Brendan Hannigan, General Manager of IBM Security Systems, in a prepared statement. "IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."

 

Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
William L. Lind
50%
50%
William L. Lind,
User Rank: Apprentice
8/16/2014 | 5:18:01 AM
Re: IDAM Identity
The management market heats the target group of people and the target clients. The IBM helps to understand the policy and the strategy by which the customers will get the most possible benefits from this IBM tool. The best paper writing service oceanreview will help to identify the best sites among the tons of the sites available in the market.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/15/2014 | 3:40:19 PM
IDAM Identity
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5208
Published: 2014-12-22
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbit...

CVE-2014-7286
Published: 2014-12-22
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.

CVE-2014-8015
Published: 2014-12-22
The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.

CVE-2014-8017
Published: 2014-12-22
The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673.

CVE-2014-8018
Published: 2014-12-22
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur1...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.