Filling the holes: thoughts on an EMC/Courion combo

So RSA’s parent company, EMC has entered into agreement with Courion to offer Courion’s suite of products including:

  • PasswordCourier – password management
  • AccountCourier – user provisioning
  • RoleCourier – role engineering and management
  • ComplianceCourier – policy verification and self-assessment

This, as Ian Yip points out, does fill the gapping hole in the EMC/RSA identity management story left by Oracle purchasing Thor, RSA’s old user provisioning partner.

The other side of this equation is that Courion has lacked a web access management tool.  That is not to say that I think they truly needed one and I applaud Courion for sticking to their knitting and making a really great business/end-user focused suite.  But that being said, they are in Gartner’s leadership quadrant for user provisioning with the big boys, all of whom have WAC/WAM capabilities.  In a toe-to-toe fight against those guys I am sure there are cases where no having a WAM product has hurt them.  (Although people proclaim the identity management suite dead or at least a non-issue, I have to imagine that there are still RFPs out there looking for the whole enchilada no matter how poorly integrated it might be.)  This is the long way around to say that RSA Access Manager (Securant not to be confused with Securent – anyone else confused by this?) helps fill a hole in the Courion family of products.

All in all if EMC were to actually buy Courion, it would be too surprising.  At the very least, it wouldn’t increase employees’ commute to work too much…

ERM and the organization: Kevin’s response

A while back I had commented on consolidation in the role management world.  As I have said before, from product management and marketing perspectives, integrating a role management tool into an existing identity management suite is a no-brainer.  This is not to say that the implementation and deployment are no-brainers as well – so don’t get too excited Greg 😉  What is more interesting is where major vendors like Oracle and Sun will take enterprise roles management.

I had also mentioned that it would be great for Kevin Kampman of Burton to weigh in on the subject, and sure enough, he did.  I am intrigued by his concept of “return on organization.” But to see this return it first requires identity management vendors to share this value proposition with the parts of the enterprise that really care; it forces IdM vendors to sell to “the business.”  Making identity management truly relevant to the entire business has always been one of IdM’s challenges.  Role management does present a new way of taking older topics to a new audience but I wonder if potential customers are ready to hear it.

Congratulations to IBM: Tivoli Identity Manager 5.0 is released!

A hearty congrats to my friends and old co-workers at Tivoli on a job well done.  ITIM 5.0 has been officially released!

Having been part of the beta program, I can say that this is an amazing release.  A great deal of thought and research has gone into ITIM 5.0 and in the bits I have seen, customers are really going to enjoy using it.  Yes, I said enjoy.  The new user interfaces are enjoyable to use.  Amazing and true.

Good work everyone.

The Enterprise Role Management Integration Challenge

Nishant, in a light hearted manner, took my post on Sun acquiring Vaau as a bit of a dare. This is how I responded to his comment:

Since I don’t believe that ERM is an end in and of itself, I am more curious where the market and technology will go now that two “suite” vendors have made acquisitions. If, by orchestrating some sort of challenge between Oracle and Sun to integrate and innovate, I can help move things along, then yes, by all means, consider it a challenge. Maybe the gang at Burton Group can referee this?

How vendors like Sun and Oracle integrate their ERM acquisitions will have a very tangible impact on the future direction of identity management. Both are in a position to unlock the true value of enterprise role management.

The step of integrating ERM in user provisioning is a no brainer, though it will be interesting to see how fast each vendor can do it. What is more interesting is the step beyond that. I started to ruminate on that before… guess we’ll have to wait and see what comes.

In the meantime, it would be great if someone like Kevin Kampman would weigh in on this.