How to be successful in Europe

21.03.2008 by Martin Kuppinger

In our briefings with US vendors which aren’t that visible in Europe they often claim that they will start to develop the European market soon. Some one or two years later they are still almost invisible in Europe. There are some obviuos reasons why so many US companies fail to succeed in Europe. They can be split in two categories:

  • The products
  • The market development

Regarding the products, it is important to understand that there are other expectations in many European countries than in the US market. Germans tend to look for the perfect solution, very sophisticated and really fulfilling all their needs, while the Americans seem to accept more point solutions which help to solve an existing problem at least at the 80:20 level.

That doesn’t necessarily mean that you need other products for Europe. But US vendors shouldn’t raise expectations to high but be realistic and focus on the business values and quick wins there customers can really achieve. Even while this works in many situations there are market segments with very specific European approaches. Role management, for example, tends to be implemented in Europe with a much stronger methodological approach than in the US – and that is reflected in the products.

Read the rest of this entry »


M-Tech – another interesting player in the IAM market

21.03.2008 by Martin Kuppinger

While M-Tech has a long customer list in northern America there are only a few customers here in Europe – even while M-Tech offers a comprehensive IAM suite. But M-Tech plans to address the European market more actively than before. They might have success if they do it the right way, with building a real presence in different European countries and not constricting their European activities to a one-man-office based in UK, which is the often observed approach of many US companies.

Besides a reasoned approach and some tenacity in addressing the European market(s) the second success factor is the product. M-Tech has improved its product portfolio significantly over the last years. As of now they have a competitive offering in the provisioning space, but as well some interesting add-ons in other areas.

In their early years the product portfolio consisted mainly of ID-Synch and P-Synch for provisioning and password synchronization. Today there are several other components which are offered separately as well as in the form of the M-Tech IDM Suite. There are some features which aren’t mainstream and might be the differentiators to other vendors in the IAM market. ID-Discover as tool for discovering existing accounts with a reconciliation component, P-Synch with its somewhat unique approach to E-SSO or ID-Org as a strong component for mapping organizational structures are just some examples. M-Tech also has some very Active Directory-specific components like ID-Access for Active Directory Group Management.

With their features, their strongly integrated products and the specific Active Directory support I personally rate M-Tech as a vendor for the mid-sized businesses, which are at least in the IAM market (and from my swabian perspective where mid-sized companies are rather big) companies in the 2.000-10.000 employee range. In this market segment IAM adoption is still low but the pressure to implement IAM is increasing. With their integrated approach M-Tech might become an interesting player over here in Europe, given that they are actively enough developing the market and trying to build a strong basis of system integration partners.


Novell releases Identity Manager 3.6 with role-based provisioning module

18.03.2008 by Martin Kuppinger

Novell has finally released its Identity Manager 3.6 with integrated role management. There are two points of view on this new feature:
In comparison to the integrated role management functionalities of other provisioning solutions.

  • In comparison to the role management products out of the greater GRC market segment, including the business role specialists, GRC apps like SAP GRC Access Control or Identity Risk Management solutions.
  • Both are valid approaches, like I’ve written in my other post from today. But it has to be kept in mind that you can’t solve every requirement with one solution – there are some which are best tackled with integrated role management and others which require a solution on top.

The implementation of Novell is pretty good in several areas, but there are also some missing elements. To start with the shortcomings: For example attestation isn’t really solved (by the way attestation is something which requires multiple levels), there are only a few standard reports and defining new approval workflows and making other more fundamental changes requires the not-that-easy-to-use Designer for Identity Manager. Designer for Identity Manager definitely is a great tool, but you really need to invest some time to understand the tool and its concepts.

The positive things are a flexible role model, integrated SoD rules (Segregation of Duties), a flexible concept with roles, policies and workflows which can be easily combined (given that you use the standard workflows or have managed to create new ones with the Designer), and an improved self-service interface, the user application which now is much more mature than for example in Identity Manager 3.0-days.

Thus, Novell has, with its first release, created a role management module which is good while there are better solutions in some (few) other provisioning products. But there is still a lot of work to do for Novell to become leading-edge in the provisioning quadrant. Compared to the GRC tools the dependency to a technical provisioning tool, even with the pretty easy user application, will always be a hurdle. Thus, Novell is competitive in the provisioning segment – but you still have to consider whether that is the right place for your role management (like with any other provisioning product).


Will there still be provisioning products three years from now?

18.03.2008 by Martin Kuppinger

Today, provisioning is the core element of Identity Management. Most of the products which are usually named “Identity Manager” are built around provisioning, with more or less additional features. But will that be still the case some three years from now? There are several trends which will influence provisioning significantly. The most important ones are

These trends will influence the market. One important area is the reuse of existing IT infrastructure components. There are clear advantages of using a standard workflow and business process management instead of proprietary implementations in provisioning products. For example processes can be better managed, integrated with existing supply chains and easily transferred to other systems.

Read the rest of this entry »


Services
© 2014 Martin Kuppinger, KuppingerCole