Perspectives on OTP Authentication and Migration
At last measurement, authentication dialogues were 25% of the total number of dialogues in our Identity and Privacy Strategies service. A common dialogue request goes something like this: “We have a...
View ArticleSCIM and the Future of Standards-Based Provisioning
Here at Gartner/Burton Group, we have been closely tracking identity standards—including Service Provisioning Markup Language (SPML)—since 2003. The standard has some serious flaws, which we have...
View ArticleThe Seed and The Damage Done: RSA SecurID
The fallout from the March attack on RSA has arrived. Per the news agencies—and the excellent blog post by Bob Cringely—several large defense contractors (Lockheed Martin, L-3, and potentially Northrop...
View ArticleQuest Acquires Symlabs
Quest is actively building out its identity management product portfolio. Some notable acquisitions: Vintela (Active Directory Bridge – 2005) Völcker Informatik AG (provisioning/access governance –...
View ArticleOf Identities, Clouds, and Bridges
In response to the large number of client inquiries about identity management and the cloud, Gartner has recently published a research document that discusses identity management as a service...
View ArticleHow Soon is Now: NFC Smartphones and Physical Access Control Systems
You may have read about a recent pilot at Arizona State University, where 30+ students used their smartphones augmented with NFC (near field communication) to access facilities at the college. Instead...
View ArticleDéjà Vu – The Sykipot Attack on Smart Cards
Kelly Jackson Higgins at Dark Reading provides an excellent summary of the Sykipot malware variant attack on smart cards. The malware opens the smart card and uses it for private key signing functions....
View ArticleDialoguing about SCIM
Gartner’s Identity and Privacy Service (IdPS) has closely tracked provisioning standards since 2003. I published our first research document on Service Provisioning Markup Language (SPML v2) in early...
View ArticleRSA SecurID, Crypto, and Satan’s Computer
You may have read about two recent vulnerabilities associated with RSA authentication products. Last month, a researcher specified how to copy a SecurID software token from one computer to another,...
View ArticleIdentity Management Questions for AWS, Azure and GCP
I am looking forward to the Gartner IAM Summit in Las Vegas next week. In addition to three talks on Office 365 and IaaS, I have curated a panel to discuss the state of identity management within IaaS....
View Article
More Pages to Explore .....