Earl PerkinsIBM’s announcement today of their acquisition of Q1 Labs, a security information and event management (SIEM) company, highlights a growing industry trend that has implications for identity and access management: acquiring tools and services available to support a formal security and IAM ‘intelligence’ practice in an enterprise or on behalf of an enterprise. What has been said in past discussions on this topic bears saying again now to emphasize this trend: the real value that IAM can provide to the business is in the intelligence it generates and owns about identity and access activities and events, not in the control it provides for access. IBM recognizes this with this and earlier acquisitions, Oracle recognizes it here at Open World this week with its emphasis on analytics across the enterprise (including security and IAM), NetIQ with Sentinel and its integration with their IAM portfolio, HP with its acquisition of ArcSight and integration into their security and IAM practices– the list goes on. Other security and IAM vendors in the industry are making similar moves in an effort to look at this as a ‘horizontal’ offering (across security and IAM products) that can be and is initiated as a distinctive practice in client enterprises.
No, they didn’t think of this all on their own. Their clients asked for it. As larger and more sophisticated IAM shops evolved their practice, they realized that without having a continuous stream of intelligence available to them from the processes IAM was involved in, they would be unable to answer important questions regarding matters related to forensics (e.g. detecting and preventing fraud during the access process) or compliance (e.g. providing detailed reports on meeting regulatory requirements as required by government and policy). It wasn’t enough to store identities and attributes, or to log authentication events– some method and tool was also needed to make sense of what was happening, to understand through correlation and analysis of data from a number of different sources the true picture end to end of those activities in identity and access management that occur every day to get work done.
While IAM has its own forensices, analytics, and data collection and correlation tools, to really have this generate the intelligence required for business-level decisions, other inputs, other ‘partners’ are required in the data gathering, correlation, analysis and reporting arena. That’s where someone like Q1 Labs comes in for IBM. IBM already has other tools for this practice from previous acquisitions (e.g. Internet Security Systems), Q1 Labs will provide another in their portfolio to offer experienced security and IAM shops the means to use identity and access intelligence effectively in decision-making.
Category: IAM Tags:
1 response so far ↓
1 Alexander October 13, 2011 at 6:48 am
Interesting post!! I really like this site, and hope you will write more, thanks for your information.