Cloud
8/15/2014
02:08 PM
50%
50%

Identity And Access Management Market Heats Up

The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.

It's been a busy week in the identity and access management (IDAM) space.

Earlier this week, IBM announced its acquisition of Lighthouse Security Group, with an eye towards building out its identity management business. In the deal, IBM got a cloud-based platform that includes a suite of functionality based on IBM's Security Identity and Access Management capabilities, including user provisioning, identity life cycle governance, and single sign-on.

But that was not the only acquisition announced this week dealing with identity and access management in the cloud. Kaseya also announced its purchase of Scorpion Software this week, with the goal of delivering Scorpion's AuthAnvil product through the Kaseya cloud.

"I think it's clear there's a lot more interest these days in delivering identity management as a service because it’s a lot less complex," says Garrett Bekker, senior analyst with 451 Research. "You can hand off a lot of the complexity to the service provider and you don’t have to deal with it."

The exact financial details of both the IBM deal for Lighthouse Security Group and Kaseya's acquisition of Scorpion Software were not disclosed.

According to Bekker, the identity management as a service (IDaaS) space is nascent but growing.  

"I think these acquisitions to some extent indicate there's more interest in … managing identity through the cloud," he says. "So I think or we think there's going to be more M&A [merger and acquisition] activity around identity and I think it's fair to say a good portion of that will involve companies who have some way of delivering identity and access management services through a cloud-based model."

Jim Reavis, CEO of the Cloud Security Alliance (CSA), says IAM in the cloud has tremendous market potential as cloud consumers look to federate corporate identity stores with hundreds and even thousands of the cloud services they use. This reality increases the need for strong authentication and identity-aware network security services, he adds.

Beyond IBM's purchase of Lighthouse Security Group and Kaseya snapping up Scorpion Software, the IAM space has seen other significant moves of late as well: Technology investment firm Thoma Bravo agreed to invest in SailPoint, which specializes in identity and access management both in the cloud and on-premises. IBM last month also acquired Italy-based CrossIdeas with the stated goal of delivering next-generation identity and access governance capabilities to combat access risks and segregation of duty violations.

"The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities," says Brendan Hannigan, General Manager of IBM Security Systems, in a prepared statement. "IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."

 

Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
William L. Lind
50%
50%
William L. Lind,
User Rank: Apprentice
8/16/2014 | 5:18:01 AM
Re: IDAM Identity
The management market heats the target group of people and the target clients. The IBM helps to understand the policy and the strategy by which the customers will get the most possible benefits from this IBM tool. The best paper writing service oceanreview will help to identify the best sites among the tons of the sites available in the market.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/15/2014 | 3:40:19 PM
IDAM Identity
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5395
Published: 2014-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users ...

CVE-2014-7137
Published: 2014-11-21
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4...

CVE-2014-7871
Published: 2014-11-21
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.

CVE-2014-8090
Published: 2014-11-21
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nes...

CVE-2014-8469
Published: 2014-11-21
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?