21.12.2007 by Martin Kuppinger
There is a broad discussion around the use of identity information at StudiVZ these days. They have changed their agreements with their users and will present personalized adverts. That has lead to an intensive discussion in their user community. Another interesting change can be found at Xing since some two weeks: At the starting page you can now directly see not only the number of new contacts of your contacts (like at LinkedIn) but the names of the new contacts.
I personally found that change a little bit to open. For sure you can look up the contact lists of your contacts as long as they aren’t hidden. But there is a difference between acting actively and this new situation where you are passive. I’m not sure whether I like that – and I doubt that other users are convinced of the value of this change.
But, more important than the question whether I will hide my contacts at Xing as a consequence of this change there is another aspect which is common for both described situations: Social networks are at a critical point. And their next steps will influence the future not only of some single social networks but of the approach in general.
Read the rest of this entry »
19.12.2007 by Martin Kuppinger
Recently I complained about the insufficient use of existing technologies. But there are some out there who do a better job. Sailpoint is one of these vendors. They are, together with some few others like Aveksa, in the process of establishing the new market segment of “Identity Risk Management”. That is a discipline within GRC which deals specifically with risks which are in some way or another identity-related – which are most of the risks, by the way. It’s about answering questions like “who is allowed to do what”, but in detail and not only high-level. And with a high degree of automation.
And they do it by using Business Intelligence and Data Warehouse technologies. Thus, they don’t reinvent something on a lower level but make use of existing technologies. The result is an appealing application which obviously is build on some strong kernel of technology.
Another interesting thing about Sailpoint is that there are several well-known guys from the IAM market – some of the founders and early employees of Waveset are no part of Sailpoint. That obviously means that they understand a lot about Identity Management and that they also understand what the customers need beyond provisioning.
Thus, having a look at companies like Sailpoint and Aveksa and the entire new descipline of Identity Risk Management is a must. And, no surprise: Identity Risk Management will be an important topic at our European Identity Conference 2008.
12.12.2007 by Martin Kuppinger
Recently I’ve posted on my view of the CIO’s agenda. There are a clear reasons why these four key topics are relevant. What drives business?
- Earning money, e.g. revenues.
- Optimizing costs, e.g. optimizing the gap between income and costs and thus the net income.
- Avoiding problems and penalties.
Earning moneys requires that a business is flexible enough to adopt to a changing competitive/market environment and to react fast.
Optimizing costs is about efficient internal structures.
Avoiding problems and penalties is about Corporate Governance and the entire GRC field (Governance, Risk Management, Compliance).
For IT, flexibility requires as well the ability to change and add new internal business processes as to efficiently support M&A as well as disinvestments. That’s what I’ve meant with business support – IT has to ensure the required flexibility.
Cost optimization in the IT context is about independence, accountability, and the business support (being able to flexibly support changes in an optimal manner includes doing it with optimized costs).
And GRC requirements from a business perspective have a clear counterpart with IT Governance and the related GRC topics.
If you look on it the other way round, e.g. what is required by IT to fulfill the three mentioned core business drivers there isn’t anything missing in the four core initiatives at the CIO agenda.
Unfortunately, it is much easier to have this high level view than to really implement an IT structure and infrastructure which brings these initiatives to live. But keeping the CIO initiatives as well as the leading business drivers in mind will definitely help to streamline investments as well as the IT organization.
12.12.2007 by Martin Kuppinger
One of the IT market segments I’m observing for a quite long time ist the System lifecycle management market, including software distribution, OS installation, inventory, patch management and some other technologies. There are few segments which are that crowded. If I count the vendors/brands which compete in the central European region I end up with something aroung 20 at least. Given this number of competitors it is obvious that not all of them will survive. There will be the big ones to survive – and there will be the smart ones.
Read the rest of this entry »
07.12.2007 by Martin Kuppinger
The topic I discuss probably most often as well with vendors and system integrators as with end users is how to sell IAM. The problem behind this is that IAM is mainly seen as an infrastructure element (which IAM is). The potential business value is often quite unclear, as well as many people just don’t know that they need IAM even because they are using different terms. The CRM don’t see their system in the context of IAM even while it’s the biggest identity store in most companies – just an example.
One thing I’m intensively working on is a business-related argumentation which starts with the business problem and ends with IAM – and not the other way round, like it is done in most cases. The other aspect which came into my mind is to sharpen the relationship between IAM and the CIO’s agenda. The first step in this is to have a look on the CIO agenda – what shall be on that agenda (which are not necessarily the same issues that are on the agenda today).
Read the rest of this entry »
03.12.2007 by Martin Kuppinger
This afternoon I had an analyst briefing with one of the vendors which offspring the market segment formerly known as system management which is usually defined today as client or system lifecycle management. This change has been definitely necessary because system management covered a very broad range of different technologies.
But the system lifecycle management segment, which exists for a while, is as well pretty heterogeneous. There are vendors which still mainly support software distribution, OS installation, patch management, and some other administrative functionalities. There are vendors which are moving towards the security market, like LANdesk with their NAC products or Symantec. Many vendors are adding license management capabilities and move towards the ITSM (IT Service management market) or at least to some part of this market – Enteo/Frontrange as one example – whereas others set their focus on compliance and related topics. The borderlines aren’t always clear. There are many vendors which claim to support license compliance. But there are few which really cover all the details of licenses and which integrate their license compliance tools as well with asset management and automated inventory services as with contract management. In this area you’ll find Managesoft as well as Brainware.
But even for these vendors, there’s the question about how long the niche will exist. The approach of ManageSoft is pretty interesting. They are providing a strong technical integration with the inventory and asset management as well as a dashboard for the business user and IT management. Thus, they might move towards more controls they support in this “compliance dashboard”, they might add risk management functionality or they might do both.
But ManageSoft, like every other vendor who has successfully done the step beyond the administration-focused system lifecycle management, will always have to find new niches fast – because other companies will enter interesting market segments and because the big BSM players always will try to position their solution as the “swiss army knife” you can use for everything.
My observations of the vendors in the system management space over the last years are, that there are some vendors which are able to reinvent themselves. There are vendors who try to grow through acquisitions – not always successful. There are the big ones which sometimes struggle when it comes to the details and still need support of smaller specialists who are able to fulfil the customer’s demand in the context of an enterprise framework. And there are many companies which are neither able to reinvent themselves (at least not fast and innovative enough) nor to grow through acquisitions. In a market segment like system lifecycle management with more than 20 active competitors in Europe – not counted the ones in other areas – the ability to move forward is one of the most important aspects for product decisions. It is because the ones who aren’t innovative are the ones who will in the best case become acquisition targets and in the worst case just will disappear.
Thus, it isn’t done with re-positioning in a newly “invented” market segment which is just a new name for something existing. It is about re-inventing the market segment.