• Governance, Compliance & Risk
• SOA
• Business Information Management
• User Centric Identity
• Cloud Computing
• Identity Federation
• Unified Communications
• Internet Scale Identity
• Mobile Identity
• Identity Driven Security
• Context Based Authentication
• eHealth
• eGovernment
• Automotive & Manufacturing
• Finance

Kuppinger Cole News

• Back to the ROOTs
• Product Research Note: Blackbird Management Suite - 70402
• LinkedIn ? the next bad guy
• Evil, or just different
• 13.03.2012: Access Risks - from SAP to the Outer Space: an Identity & Access Governance Journey

Articles

Mike Small: Is cloud computing worth the hassle? 18.11.2011 Mike Small

Cloud computing provides organisations with an alternative way of obtaining information technology services and offers many benefits including increased flexibility as well as cost reduction. But man many organisations are reluctant to adopt the cloud because of concerns over information security and a loss of control over the way IT services are delivered. These fears have been exacerbated by recent events reported in the press including outages by Amazon and the three-day loss of Blackberry services from RIM. So what approach can be taken to ensure that the benefits of the cloud outweigh the risks? Read the article

Martin Kuppinger: ITIL is good, but IT Service Management is better 12.07.2011 Martin Kuppinger

Service Management and with it the IT Infrastructure Library, or ITIL, is key to bridging the gap between IT users and „IT production“. But as Cloud Computing goes mainstream, it becomes increasingly clear that ITIL alone is not enough. Read the article

Martin Kuppinger: 10 Rules for Securing the Cloud 07.03.2011 Martin Kuppinger

Security is the hottest topic in town when considering moving your business to the Cloud, especially if you plan to use an external provider or, even worse, more than one provider. How do you make sure your data are “secure” out there? Here are ten simple rules to follow in if you want to stay on the safe side of Cloud Computing. Read the article

Sachar Paulus: Opening the Door to Cloud Security 07.02.2011 Sachar Paulus

„Security“ and „Cloud“ are often seen as mutually exclusive. Many CIOs live in fear losing control over their data despite the claims by cloud providers that sensitive information is in fact in safe hands with them. But once data gets replicated, it gets harder and harder to keep them under lock and key. Read the article

Martin Kuppinger: Cloud Computing – Service Integration Smarts for CIOs 10.12.2010 Martin Kuppinger

Cloud Computing is the hot topic in IT and it will remain so, though possibly not under the same name. And while the hype expression may change, Cloud Computing itself is going to fundamentally redefine business IT. And while not every CIO may welcome this development, he or she should prepare themselves for what is clearly going to be the next big step in this industry. Read the article

Sachar Paulus: Without standards for DRM and IRM Cloud Security will remain a daydream 07.12.2010 Sachar Paulus

IT Security in and for the Cloud is one of today’s hottest topics. Unfortunately, it is almost as complicated as the Cloud itself, spanning from Identity Management and logging intelligence to data encryption. This article explores the various scenarios and demonstrates both strengths and weaknesses. Read the article

Tim Cole: Cloud Computing: Thinking inside the box 20.09.2010 Tim Cole

The problem with Cloud Computing is that no two experts can agree what it really is, right? Wrong! As of Sunday evening, we at least have two major players singing from the same psalm book. Read the article

New Survey 27.08.2010 Joerg Resch

All participants of the survey will receive a complementary copy of the survey results report, its key findings and recommendations. Read the article

Sachar Paulus: The new Swift agreement contains the seeds of new security issues 13.07.2010 Sachar Paulus

The European Parliament has passed the controversial new Swift agreement following intense debate aimed at dispelling worries about data protection. In fact, nothing much was changed, and the amount of data to be forwarded to US authorities involved in the “war of terrorism” remains mind-boggling. Read the article

Sachar Paulus: "Cloud-readiness" – What it means for software developers 13.02.2010 Sachar Paulus

Everybody’s up in the air about clouds, but few seem to really know where they’re heading. Most existing applications aren’t ready for the cloud quite yet, especially since the realization seems to be sinking in that building security into the cloud is no trivial pursuit. Read the article

Sebastian Rohr: Virtual (Desktop) Identities 14.01.2010 Sebastian Rohr

I recently took the chance to investigate the virtualization market a bit deeper, namely the market for Virtual Desktops as I have been used to server virtualization and the different flavors thereof for some time. While server virtualization was pretty much straight forward with regard to approach and deployment and those systems – once deployed – had little to no influence on how one runs his environment from a management perspective, Desktop Virtualization does seem to put some new obstacles in the way when it comes to identities, access to resources and management thereof. Read the article

Martin Kuppinger: CapEx and OpEx – the latest thing in IT buzzwords 14.12.2009 Martin Kuppinger

Talking with IT decision makers these days, it seems that two new terms keep cropping up, namely the abbreviations “CapEx” and “OpEx”. They stand, of course, for “capital expenditures” and “operational expenditures”. Both have been borrowed from economic parlance but are now widely used in IT Speak, too. Read the article

Felix Gaehtgens: Novell takes off into the Cloud 18.08.2009 Felix Gaehtgens

Novell has very recently announced a new product entitled "Cloud Security Services" - a comprehensive set of software that allows cloud providers to connect customers to their infrastructure in a safe and efficient way. This product is the first one that is not marketed to enterprises - instead it is sold to cloud service providers, who will license it for their customers. Read the article

Martin Kuppinger: Trends and Threats in Desktop Virtualization 15.05.2009 Martin Kuppinger

Desktop virtualization is clearly a hot topic in IT, but a closer look reveals that some elements are still missing and that in many use cases problems would be better addressed using “classic” technologies such as Client Lifecycle Management and terminal services. Read the article

Martin Kuppinger: Virtualization – changing the IT world 19.12.2008 Martin Kuppinger

Over the last few years, virtualization has become a main topic of IT. Even though it isn’t a new concept, there have been many changes which affect IT in various areas, from data center design and operations to software delivery and future business models. Read the article

Felix Gaehtgens: ArisID is born – a next generation Identity Framework for Developers 15.12.2008 Felix Gaehtgens

The Liberty Alliance has announced the availability of ArisID and Project Aristotle. In a recent Webcast, Oracle’s Phil Hunt presented ArisID and demonstrated its usefulness to software developers. This innovation makes it easier to develop applications that are becoming increasingly less dependent on where identity information is stored, making applications easier to deploy in an identity management infrastructure. Read the article

Felix Gaehtgens: Microsoft’s enters the Cloud Computing market with “Azure” 30.10.2008 Felix Gaehtgens

At the opening keynotes of Microsoft Professional Developer’s Conference 2008, the big news was the introduction of the Azure Services Platform, an internet-scale cloud services platform hosted in Microsoft data centres, which provides an operating system (called Windows Azure) and a set of developer services that can be used individually or in combination. Microsoft’s Ray Ozzie dedicated a good portion of the keynotes to the why, how and when of this new service platform. Read the article

Reports

Vendor Research Note: Oracle Cloud Security - 70160 08.12.2011 Mike Small €195.00

This document is an evaluation of Oracle’s platform for Cloud computing from an information security perspective. Oracle offers a comprehensive set of tools and technologies upon which to build Cloud services. These services which can be built range from IaaS (Infrastructure as a Service) using Oracle VM Server software and Sun hardware through to SaaS (Software as a Service) built upon the Oracle Database technology and Oracle Fusion Middleware. The Oracle platform is based on Oracle Exalogic Elastic Cloud hardware and Oracle Exadata Database Machine. The tools enable Cloud services to be built and configured in a way that meets the key challenges for information security in the Cloud. Oracle also offers “Oracle on Demand” which is a public Cloud service provider for Oracle applications, middleware and database. This service is not covered in this document. Many organizations are moving towards a Cloud model for IT to optimize the procurement of IT ser-vices...

Order the report

Advisory Note: Avoiding Lock-in and Availability Risks in the Cloud - 70171 06.10.2011 Mike Small €295.00

Cloud computing provides an opportunity for organizations to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer. The risks associated with Cloud computing depend upon both the service model and the delivery model adopted. This document focuses on two specific risks – availability and lock-in. A major objective of IT services is that systems, applications and data are available to authorized users when and where they are needed. Benefits of the Cloud are that, because of its scale, it can potentially deliver services that are more resilient to failure, and more responsive to changing levels of demand. However adopting Cloud computing necessarily cedes some control of some of the IT infrastructure to the Cloud Service Provider (CSP). So how can an organization adopting the Cloud make...

Order the report

Vendor Research Note: Microsoft® Cloud Security - 70126 29.08.2011 Mike Small €195.00

This document is an evaluation of Microsoft’s Windows Azure™ Cloud platform from a security perspective. This platform allows organizations to build Cloud applications which are then hosted in the worldwide network of Microsoft datacenters. It also allows organizations to host existing applications that run under Windows Server 2008 and certain types of data in these Microsoft datacenters. Microsoft has put considerable thought into meeting the security challenges of Cloud computing and incorporated solutions to these challenges in their offering. Many organizations are moving towards a Cloud model to optimize the procurement of IT services from both internal and external suppliers. The Cloud is not a single model but covers a wide spectrum ranging from applications shared between multiple tenants to virtual servers used by a single customer.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model...

Order the report

Advisory Note: Authorization in the Cloud - 70217 14.06.2011 Mike Small €295.00

Authorization covers the processes and technologies concerned with managing, enforcing and auditing the rights of access that individuals have to resources. The essential characteristic of Cloud Computing is that data and resources are held remotely from the users of that data and that access to that data is mainly over the internet.  The need to identify users, to control what they can access, and to audit their activities is even more important when services are being shared over the internet with other organizations. Furthermore the legal and regulatory responsibility for this management remains with the organization owning the data rather than the Cloud provider. It is therefore essential that organizations adopting a Cloud computing approach ensure that the responsibilities, processes, models and technologies for authorization are taken into account when choosing a Cloud Platform or Cloud Provider.

Order the report

Cloud Computing Overview - 70140 06.05.2011 Mike Small €95.00

The Cloud is an environment which allows the delivery of IT services in a standardized way.   This standardization makes it possible to optimize the procurement of IT services from both external and internal providers.   The Cloud covers a wide spectrum from shared applications delivered over the internet to virtual servers hosted internally.  The risks associated with Cloud computing depend upon both the service model and the delivery model adopted.   The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. There are several models for Cloud computing and organizations considering a move to the Cloud need to select the appropriate model.  These models range from the Public Cloud – where applications and infrastructure are owned by the provider and made available to a wide range of organizations, through to the Private...

Order the report

Advisory Note: Cloud Computing - Cloud Security Management - 70139 23.03.2011 Mike Small €95.00

The Cloud allows the procurement of IT services from both internal and external suppliers to be opti-mized because the services are delivered through the Internet in a standard way.   The Cloud is not a single model but covers a wide spectrum from applications shared between multiple tenants to virtual servers used by one customer and hosted internally.  The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted. The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. For an overview of Cloud Computing see Kuppinger Cole Research Note #70140 “Cloud Computing Overview”. The approach to managing risks from the perspective of the Cloud service user is one of due diligence – ensuring that the requirements are clearly understood, the risks are assessed, the right...

Order the report

Vendor Report: Symantec Cloud Security - 70115 15.03.2011 Mike Small €95.00

The Cloud is an environment which allows the delivery of IT services in a standardized way.   This standardization makes it possible to optimize the procurement of IT services from both external and internal providers.   The information security risks associated with Cloud computing depend upon both the service model and the delivery model adopted.   The Cloud covers a wide spectrum from shared applications delivered over the internet to virtual servers hosted internally.  The common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data delivered through the Cloud environment. Symantec™ is a global leader in providing security, storage and systems management.  Symantec’s markets range from consumers, through small to medium businesses to enterprises.  Its stated focus is “to eliminate risks to information, technology and processes independent of the...

Order the report

Product Report: Zscaler Cloud Security 21.12.2010 Alexei Balaganski €95.00

Zscaler is an integrated SaaS solution for web and e-mail security offered by the US-based company of the same name. It provides a cloud platform for anti-malware and anti-spam protection, application control, and data loss prevention. What makes Zscaler stand out their competitors in SaaS security market is that their solution is entirely cloud-based and does not require any extra hardware or software installation. By utilizing a large global network with more than 40 datacenters around the world and optimized and hardened network architecture Zscaler is capable of providing high scalability and near-zero latency even for geographically distributed networks and mobile users. Being an integrated solution for web and email security, Zscaler offers better protection against blended threats typical for modern Internet and also provides a single place for managing policies, single user directory for authentication and consolidated real-time reporting. This further reduces...

Order the report

Vendor Report: CA Technologies Virtualization Security 30.11.2010 Martin Kuppinger €95.00

Virtualization Security is not a single product category but comprises several different types of solutions from different categories, including IAM (Identity and Access Management), information protection, service automation, service assurance, service management, as well as system security solutions for hardening and monitoring resources. In order to be effective, Virtualization Security has to be well planned and requires a set of well-integrated products to provide the right balance between security and risk mitigation on one hand, and costs and complexity on the other. CA Technologies offers a broad range of products which support customers in implementing Virtualization Security. CA Technologies specific strengths are not only that core security is provided but also IT service automation, assurance, management and other areas are covered as well. Furthermore, CA Technologies has clearly understood that Virtualization Security is not just about having yet another security...

Order the report

Trend Report: Desktop Virtualization and VDIs 29.07.2010 Martin Kuppinger €195.00

Desktop Virtualization and VDIs (Virtual Desktop Infrastructures) are key topics for many IT managers and decision makers. However, like with every hype topic, there are shortcomings. Investments in VDIs and Desktop Virtualization thus have to be done carefully, after weighing the opportunities against the risks and the strengths against the weaknesses. From the perspective of KuppingerCole, VDIs will play an important role in the strategy for providing desktops or workspaces to users. However, they are one deployment option amongst others and will co-exist with other deployment options for the foreseeable time. And, even more, it is not only about deploying an environment; it is about managing the environment. This report provides definitions around Desktop Virtualization and VDIs, looks at the drivers for that emerging technology, analyzes approaches for Desktop Virtualization, looks and the management side, and finally gives some strategic advice. The quintessence is that VDIs...

Order the report

A Review of Cloud Business Models and Demonstrations in Finance and Health Clouds 03.05.2010 €30.00

By Victor Chang, Gary Wills and David De Roure This paper reviews current cloud computing business models and presents proposals on how organisations can achieve sustainability by adopting appropriate models. Using the Jericho Forum's Cloud Cube Model (CCM), we classify cloud computing business models into eight types: (1) Service Provider and Service Orientation; (2) Support and Services Contracts; (3) In-House Private Clouds; (4) All-In-One Enterprise Cloud; (5) One-Stop Resources and Services; (6) Government funding; (7) Venture Capitals; and (8) Entertainment and Social Networking. We newly propose the Hexagon Model that includes six key elements for sustainability based on Sun Tzu's Art of War and literature review, and the sixth factor is rated based on case studies and peer reviews. Areas occupied in the Hexagon can represent strengths and weaknesses of a cloud business, and several cases are presented with rationale explained. Apart from the qualitative approach,...

Order the report

Cloud Vendor Report: Amazon 29.10.2009 Martin Kuppinger €95.00

Amazon is widely known as online retailer, having expanded its bookstore business to many other areas over time. Some time ago Amazon has entered the Cloud Computing market. Amazon provides a broad set of services under their label Amazon Web Services (AWS), with the Amazon Elastic Compute Cloud (EC2) as the most popular one. Amazon’s strategy for providing web services based on their own experience in providing highly scalable and reliable services for relatively low cost (which is mandatory for their success in the retail business) appears to be valid. Amazon has managed to become one of the most prominent providers for cloud services and has a somewhat unique positioning especially with their Amazon Elastic Cloud, where they have gained a lot of partners, and – not that well-known – with their eCommerce web  services. We expect Amazon to remain innovative and to build on its position and the momentum of the market they are experiencing. It will be hard to...

Order the report

Business Report: Identity & Security in the Cloud 23.09.2009 Tim Cole €165.00

Cloud Computing ist seit etwa zwei Jahren das Modewort schlechthin in der IT-Branche. Historisch geht Cloud Computing auf verschiedene Ansätze zur externen Bereitstellung von Anwendungen oder Speicherplatz, um die Unternehmens-IT zu entlasten oder sogar ganz zu ersetzen. ASP („Application Service Providing“) wurde bereits in den 90ern mit dem Aufkommen des Internet intensiv diskutiert, entsprechende Angebote scheiterten aber in der Regel an unzureichenden Bandbreiten, mangelnde Zuverlässigkeit sowie Sicherheitsbedenken der Anwender. Nur wenige Dienste wie Salesforce.com konnten sich erfolgreich in ihren Marktsegmenten etablieren. Auch wenn die technischen Voraussetzungen für dezentrale IT-Services zumindest in Bezug auf Bandbreite und Zuverlässigkeit inzwischen gegeben sind, hat Cloud Computing, wie es inzwischen heißt, immer noch mit tiefsitzender Skepsis zu kämpfen, nach dem Motto: „Was man nicht selber macht, wird nichts.“...

Order the report

Cloud Vendor Report: Citrix 18.08.2009 Martin Kuppinger €95.00

Citrix Systems (Citrix) is an established IT vendor which started with Terminal Server products in Windows environments, allowing users to access sessions which are running on a Windows Server remotely. Based on the success of these market-leading technology, Citrix has consequently expanded its portfolio over the course of the years to address as well more complex virtualization and “application delivery” issues as well as to enter the emerging Cloud Computing market. In the latter market, Citrix acts as a virtualization and management infrastructure vendor as well as an online service provider with its Citrix Online division. Citrix is a well-financed, well established vendor who has managed to make the move from their cash-cow business of Terminal Services to virtualization and beyond to solutions which deliver IT environments to the user. Besides this, the company has become a major player in the online services market segment with solutions like GoToMeeting and...

Order the report

Market Report: Cloud Computing 15.07.2009 Martin Kuppinger €165.00

Cloud Computing wird häufig als der Bezug von Diensten aus dem Internet gesehen. Diese Definition ist nach unserer Einschätzung nicht korrekt. Der wesentliche Aspekt des Cloud Computings liegt darin, IT als Services zu betrachten, die flexibel bezogen und konfektioniert werden können, um die Anforderungen des Business zu betrachten. Grundlegend neu ist dabei der flexible Bezug dieser Services, womit IT-Services mehr und mehr zu Ressourcen wie Strom oder Wasser werden, die aus der Steckdose oder dem Wasserrohr bezogen werden. Das gilt natürlich nicht für alle Dienste, weil spezialisierte Dienste auch spezialisierte Anbieter benötigen. Cloud Computing bedeutet aber die Loslösung von der Idee, dass man IT selbst betreibt und den Wechsel hin zu einem Service-Konzept, in dem tendenziell immer weniger Dienste intern erbracht werden, da viele Dienste günstiger und flexibler extern bereitgestellt werden können. Da Dienste aber auch intern...

Order the report

Events

Congress: European Identity & Cloud Conference 2012 17.04. - 20.04.2012 , Munich, Germany

With its world class list of speakers, a unique mix of best practices presentations, panel discussions, thought leadership statements and analyst views, EIC has become an absolute must-attend event for enterprise IT leaders from all over Europe. Information

Webinar: Bridging the Cloud Sign-On Gap 09.02.2012 , 2:00pm CET / 1:00pm GMT

With a plethora of user names and passwords to remember, end users are already frustrated. Adding multiple cloud applications makes it more difficult for end users and increases help desk call volume. Single-Sign on can bridge the gap between the enterprise and the cloud while reducing user frustration. In this webcast KuppingerCole and Oracle will discuss how organizations can benefit from a cloud sign-on strategy. In addition, you will learn how single sign-on can jump start your cloud access management strategy and improve security. Information

Webinar: The Open API Economy - Opportunities and Risks 13.12.2011 , 16:00 CET / 7:00am PT / 10:00am ET / 3:00pm GMT

Three main (business) trends are driving technology in all areas: Social Computing, Mobile Computing and Cloud Computing. Looking behind the curtain, we see that these three trends with strong impact on everything around us are based on yet another trend, which is enabling companies to build their business models on top of services and features available through Open APIs (standardised application programming interfaces through which applications can connect to other applications). The impact of Open APIs on the way we do business is growing so fast, that we have to label it not just as a computing model, but as an emerging economy. In this webinar, KuppingerCole´s Senior Analyst Craig Burton will talk about the opportunities and risks of this Open API Economy, and about the impact it will have for your business. Information

Workshop: Risiko- und Schutzbedarfsanalysen im Cloud Computing 12.10.2011 , 09:00 - 13:00 , Nürnberg

Wertvolles Expertenwissen zum Kernthema Cloud Security bietet Ihnen dieser halbtägige Intensiv-Workshop, den wir Ihnen während der IT-Security Messe it-sa 2011 (11.-13. Oktober 2011, Halle 12 auf dem Nürnberger Messegelände) bieten. Als Teilnehmer dieses Workshops erhalten Sie eine kostenfreie Eintrittskarte zur IT-Security Messe it-sa 2011. Information

Webinar: Thriving in Change - Using Federation and the Cloud to Minimize IT Costs 28.09.2011 , 11:00 CEST

Overcoming the inherent security and identity management challenges is key to a successful move into the cloud. In this webinar, KuppingerCole's Senior Analyst, Sebastian Rohr, will give suggestions for successful adoption of cloud computing that overcome the inherent security and identity management challenges. Sebastian will be joined by Travis Spencer, a Sr. Technical Architect in Ping Identity’s CTO office, who will elaborate on these options, drawing on the lessons learned from the hundreds of Ping Identity customers that have overcome these difficulties. Information

Webinar: A Complete Identity Service Through Virtualization 25.08.2011 , 17:00 CET, 8:00am PDT

In this webinar, directory expert and Senior KuppingerCole Analyst Dave Kearns will explore the challenges of identity integration and how to solve them through identity & context as a service. Dave will be joined by Lauren Selby from Radiant Logic, who will talk about Radiant Logic´s approach to defining an integration layer between internal, "traditional" identity management needs an the new cloud computing challenges. Information

Congress: European Identity Conference 2011 10.05. - 13.05.2011 , Munich

With its world class list of speakers, a unique mix of best practices presentations, panel discussions, thought leadership statements and analyst views, EIC has become an absolute must-attend event for enterprise IT leaders from all over Europe. Information

Webinar: Business-Centric, Cloud-Aware Identity and Access Management 14.04.2011 , 16:00 CET

In this webinar, KuppingerCole´s Principal Analyst Martin Kuppinger will introduce you into the key elements of a future-proof and cloud-ready Identity and Access Management strategy and how to deal with hybrid cloud environments. Following Martin, Ralf Knöringer and Rudolf Wildgruber from Siemens IT Solutions and Services will present case studies and product features of Siemens DirX Identity and DirX Audit and show how to realize an Identity Governance solution that creates business value. Information

Webinar: Using Standards to manage access to SOA and Cloud Services 16.12.2010 , 5:00pm CET, 11:00am EST

In this webinar you learn how a Gateway and a Policy Server work together to apply policies to SOA and Cloud services. These policies control not only who can access the services, but also when they can access the services, how they can use the services, and how the access control decision is made. A best practice framework will be described, which scales to high-volume usage and allows reuse of these policies, promoting efficiency and reducing time-to-market and development costs. Besides KuppingerCole´s Senior Analyst Felix Gaehtgens, who will give an introduction and moderate the webinar, Gerry Gebel, David Brossard (both Axiomatics) and Mark O’Neill (Vordel) will give their view on standards-based policies for SOA and Cloud. Information

Webinar: 5 Key Challenges for Cloud Computing Governance 02.12.2010 , 15:00 CET, 2pm UTC

Cloud Computing is adding a number of challenges to IT governance. In this opening session to the 2010 Kuppinger Cole Cloud Computing Virtual Conference, Martin Kuppinger will talk about the 5 key challenges to be aware of, if you want to extend your IT governance to cloud computing. Information

Webinar: Cloud Computing Risk Areas 02.12.2010 , 16:00 CET, 3pm UTC

Before jumping into the cloud, you should know about the risks, so that you can ask the right questions to your provider. In this webinar session, we will discuss the main risk areas of cloud computing, such as data location, transparency, privileged user access, Recovery and data segregation, and how to keep them under control. Information

Webinar: Privileged Cloud Identity Management 30.11.2010 , 11:00 Uhr

In diesem Webinar wird zunächst Martin Kuppinger von KuppingerCole eine grundlegende Einführung in das Management privilegierter Benutzer im Unternehmen, innerhalb von Outsourcing-Verhältnissen und in der Public Cloud geben. Der Schwerpunkt wird hier insbesondere auf der Frage liegen, welche Anforderungen an einen Public Cloud oder Outsourcing Dienstleister zu stellen sind, damit Ihr internes (PUM) durch die Hinzunahme von Cloud Services nicht kompromittiert wird. Jochen Koehler vom Privileged Identity Management Spezialisten Cyber-Ark wird daran anschliessend einen überaus interessanten Einblick in die Praxis geben und die Strategie seines Unternehmens zur Absicherung Ihrer Cloud-Strategie erläutern. Information

Webinar: Cloud Computing in der praktischen Umsetzung - Ein Leitfaden 18.11.2010 , 10:00 - 10:45

So stark die Resonanz zum Thema Cloud Computing auch sein mag - so klafft doch häufig noch eine starke Lücke zwischen dem Anspruch, die interne IT durch Zugabe von Cloud Services flexibler und kostengünstiger zu gestalten, und der praktischen Umsetzung. Dafür gibt es mehrere Gründe. Einerseits fehlt der Konsens über vertrauensbildende Richtlinien, die das Geschäft zwischen Cloud-Anbietern und den "Konsumenten" von Cloud Services regeln. Andererseits herrscht verbreitet Unsicherheit darüber, wie sich das Cloud Computing auf bestehende Risiken auswirkt und welche neuen Risiken man sich mit der Cloud "ins Haus" holt. In dieser Session beschreibt Martin Kuppinger einen Leitfaden für die pratische Umsetzung Ihrer Cloud Strategie und wird anschliessend Christoph Stoica von Novell in einem Interview zu dessen Erfahrungen befragen. Information

Webinar: Governance, Risk Management & Compliance in der Cloud 18.11.2010 , 11:00 - 11:45

Zwischenzeitlich haben sich sehr viele Unternehmen dafür entschieden, Dienste aus der Cloud zu nutzen. Teilweise auch schon seit Jahren, bevor der Begriff des Cloud Computing überhaupt entstanden war. Wenn es aber um die Verteilung unternehmenskritischer Informationen geht, dann ist die Zurückhaltung sehr viel größer und der Zielkonflikt zwischen einer "Hochverfügbarkeit" von Informationen und deren Sicherheit wird mit dem fortschreitenden Siegeszug des Cloud Computing immer stärker. Für interne Systeme ist ein funktionierender GRC-Ansatz die Regel. Wie aber sieht es in der Cloud aus? In diesem Webinar spricht Martin Kuppinger darüber, wie Sie Ihren GRC-Ansatz erfolgreich in die Cloud bringen. Information

Webinar: Identitäts- und Datenschutz im Cloud Computing 18.11.2010 , 14:00 - 14:45

Unternehmensweit gelten dieselben Sicherheitsrichtlinien, egal von wo aus die Anwender arbeiten und wo die von ihnen genutzten Dienste zur Verfügung gestellt werden. Nahtlose Integration von Cloud Services in das Sicherheitskonzept Ihres Unternehmens und eine Identität für alles, deren Sicherheit dem jeweiligen Kontext angepasst ist. So oder so ähnlich lässt sich eine funktionierende Basis für ein sicheres Cloud Computing mit wenigen Worten beschreiben. In diesem Webinar beschreibt Sebastian Rohr, Senior Analyst bei Kuppinger Cole, wie Sie Ihre bestehende Infrastruktur Schritt für Schritt "Cloud-ready" machen können. Information

Webinar: Authentifizierung in der Cloud - richtig gemacht 18.11.2010 , 15:00 - 15:45

Wenn sich interne und externe Benutzer an Diensten anmelden müssen, die mal in der privaten und mal in der öffentlichen (public) Cloud laufen, wird es auf den ersten Blick viel komplexer, eine verlässliche Authentifizierung durchzuführen. Doch ist das wirklich so? Oder bieten nicht die heute etablierten Technologien wie Identity Federation oder Enterprise Single Sign-On in Verbindung mit neuen Ansätzen wie der kontextbasierenden, flexiblen Authentifizierung nicht Optionen, eine stringente Authentifizierungsstrategie umzusetzen? Martin Kuppinger und Sebastian Rohr von KuppingerCole werden den Status und die Trends für die Authentifizierung in der Cloud analysieren und auf sinnvolle Strategien und ihre Umsetzung eingehen. Information

Seminar: Enterprise Cloud Security Summit 19.10.2010 , 09:45 - 16:00

Innerhalb weniger Jahre hat sich das Cloud Computing zu einem dominierenden Trend entwickelt, der sich zudem wie kaum ein Trend zuvor verändernd auf die IT-Infrastruktur auswirkt. Im Gegensatz zu typischen, Technologie-getriebenen Trends, geht die Nachfrage nach Cloud Computing Services von den Fachabteilungen aus, bisweilen unter Umgehung der "klassischen" internen IT-Infrastruktur. Für die IT-Abteilungen bedeutet dies, einer ganzen Reihe von neuen Sicherheitsrisiken begegnen zu müssen. Im KuppingerCole Enterprise Cloud Security Summit diskutieren erfahrene Analysten mit Ihnen darüber, wie das Cloud Computing den klassischen Security-Ansatz verändert, und wie ein Nebeneinander von internen und externen Services reibungslos funktionieren kann. Information

Webinar: Managing Identities in Hybrid Cloud Environments 17.09.2010 , 15:00 CEST, 1pm UTC, 2pm BST

It is easy to understand, why the cloud computing model appeals to senior executives, as it promises to enable enterprises to rapidly and cost efficiently adapt to changes in their business environment. Agility is key to success, but budgets are tight - that´s where cloud computing scenarios fit in perfectly. Adding cloud services to your existing enterprise IT - how does that fit with your identity management? This is the key question, when it comes to security in such hybrid environments. In this webinar, we will discuss with you about identity infused compliance in hybrid cloud/internal IT environments. Information

Congress: European Identity Conference 2010 04.05. - 07.05.2010 , Munich

With its world class list of speakers, a unique mix of best practices presentations, panel discussions, thought leadership statements and analyst views, EIC has become an absolute must-attend event for enterprise IT leaders from all over Europe. Information

Congress: CLOUD 2010 04.05. - 07.05.2010 , Munich

Kuppinger Cole are proud to announce the Cloud Computing Flagship Event for Europe: CLOUD 2010. Making Cloud Computing work for your enterprise, how to prepare for it and what the risks involved with a cloud strategy are - Join us in Munich for an exciting event beyond the hype. Information

Webinar: Cloud Computing – Opportunities & Risk 26.03.2009 , 17:00 - 17:45

Besides having been around as a buzzword for quite some time now, current economic challenges seem to strongly increase interest in leveraging cloud computing for the enterprise, finding new competitive advantages, and of course reducing investments into internal infrastructures. In this webinar, Martin Kuppinger will discuss with you Kuppinger Cole´s "Roadmap to the Cloud" - a guideline on how to prepare for cloudsourcing initiatives. Information

Seminar: Outsourcing Strategies, SaaS & Cloud Computing 11.12.2008 , Bucharest

As Cloud Computing is starting to become a reality, there is still little awareness on how this technology will impact business models and the way people use technology. All major vendors have delivered their plans for cloud services, applications and platforms, with web-based companies like Google and Amazon holding the lead. The Kuppinger Cole Strategy Briefing on Cloud Computing will define cloud computing and provide you with guidance on how to leverage "external" cloud offerings and internally migrate to cloud-inspired infrastructures. Information

Seminar: Outsourcing Strategies, SaaS & Cloud Computing 05.12.2008 , Amsterdam

As Cloud Computing is starting to become a reality, there is still little awareness on how this technology will impact business models and the way people use technology. All major vendors have delivered their plans for cloud services, applications and platforms, with web-based companies like Google and Amazon holding the lead. The Kuppinger Cole Strategy Briefing on Cloud Computing will define cloud computing and provide you with guidance on how to leverage "external" cloud offerings and internally migrate to cloud-inspired infrastructures. Information

Seminar: Outsourcing Strategies, SaaS & Cloud Computing 28.11.2008 , Istanbul

As Cloud Computing is starting to become a reality, there is still little awareness on how this technology will impact business models and the way people use technology. All major vendors have delivered their plans for cloud services, applications and platforms, with web-based companies like Google and Amazon holding the lead. The Kuppinger Cole Strategy Briefing on Cloud Computing will define cloud computing and provide you with guidance on how to leverage "external" cloud offerings and internally migrate to cloud-inspired infrastructures. Information

Seminar: Outsourcing Strategies, SaaS & Cloud Computing 20.11.2008 , Zürich

Cloud Computing, also die Virtualisierung von Anwendungen, Infrastruktur und ganzen Rechenzentren, wird Geschäftsmodelle und die Art, wie wir Technologien verwenden, fundamental verändern. Denn es trägt einige der drängendsten Anforderungen an eine zukunftsfähige IT in den Genen: Cloud Computing ist flexibel, schnell, erweiterbar, ubiquitär, kostengünstig und grün. Dieses eintägige Kuppinger Cole Strategy Briefing führt Sie in das Konzept des Cloud Computing ein und zeigt Ihnen den Chancen und Risiken dieser grundlegend neuen Form des Outsourcings. Information

Workshop: Outsourcing Strategies, SaaS & Cloud Computing 14.10.2008 , Stuttgart

Cloud Computing, also die Virtualisierung von Anwendungen, Infrastruktur und ganzen Rechenzentren, wird Geschäftsmodelle und die Art, wie wir Technologien verwenden, fundamental verändern. Denn es trägt einige der drängendsten Anforderungen an eine zukunftsfähige IT in den Genen: Cloud Computing ist flexibel, schnell, erweiterbar, ubiquitär, kostengünstig und grün. Dieses eintägige Kuppinger Cole Strategy Briefing führt Sie in das Konzept des Cloud Computing ein und zeigt Ihnen den Chancen und Risiken dieser grundlegend neuen Form des Outsourcings. Information

Past Conference Sessions

Cloud Computing - Answers to 10 Security Questions you Should Ask 04.05.2010 09:00-13:00 Mike Small, KuppingerCole Prof. Dr. Sachar Paulus, KuppingerCole Blake Dournaee, Intel

Cloud computing is a hot topic, but how does an organization using a Cloud service for business critical systems make sure that their information is secure? This pre-Conference workshop outlines the risks involved in Cloud Computing and provides answers to ten information security questions you should ask before starting a cloud computing initiative. Mike Small, Senior Information Security Advisor and Fellow Analyst at Kuppinger Cole, and Kuppinger Cole´s security expert Prof. Dr. Sachar Paulus, will lead you through these questions: HOW IS IDENTITY AND ACCESS MANAGED IN THE CLOUD? WHERE WILL MY DATA BE LOCATED? HOW SECURELY IS MY DATA HANDLED? HOW IS ACCESS BY PRIVILEGED USERS CONTROLLED? HOW IS MY DATA PROTECTED AGAINST PRIVILEGED USER ABUSE? WHAT LEVELS OF ISOLATION ARE SUPPORTED? HOW IS MY DATA PROTECTED IN VIRTUAL ENVIRONMENTS? HOW ARE THE SYSTEMS PROTECTED AGAINST INTERNET THREATS? HOW ARE ACTIVITIES MONITORED AND LOGGED? WHAT KIND OF INFORMATION... View details

Service Oriented Solutions based on Identities within the Austrian Public Administration 07.05.2009 16:30-17:30 MinRat Dr. Oswald Kessler, Ministry of the Interior, Austria

View details

Beyond the Hype - a Strategical Approach to Cloud Computing 06.05.2009 14:00-15:00 Martin Kuppinger, KuppingerCole

Cloud Computing is the next big paradigm shift in IT, like the introduction of PCs or the mass adoption of the Internet. Martin Kuppinger will discuss the trend towards Cloud Computing, provide a structure for the cloud computing market, and will discuss which impacts cloud computing will have on IAM and GRC – and the other way round, e.g. what we need from IAM and GRC for successful Cloud Computing strategies. Given that Cloud Computing is becoming reality, we need secure, stringent approaches for the move towards the "cloud". View details