Gartner Blog Network

Mark Diodati
Research VP
12 years at Gartner
27 years IT industry

Mark Diodati is a Research Vice President with Gartner's IT Professionals research and advisory service. His focus topics include IoT, IaaS, authentication, hybrid and cloud identity, and API identity service (e.g., OAuth, OpenID Connect and SCIM).Read Full Bio

Dialoguing about SCIM

by Mark Diodati  |  February 23, 2012

Gartner’s Identity and Privacy Service (IdPS) has closely tracked provisioning standards since 2003. I published our first research document on Service Provisioning Markup Language (SPML v2) in early 2006. Additionally, I published a realistic assessment of developing an SPML service in early 2010. A few months later, I worked with industry leaders to publish a […]

Read more »

Commentary on Centrify’s new MDM product

by Mark Diodati  |  February 19, 2012

Industry analysts discuss emerging concepts and current events with journalists. We are misquoted more than you might think (or we would like). Sometimes the misquote is minor. On occasion, the statement attributed to us differs materially from our original statement; we are inclined to speak out and make a correction. Misquotes can be the result […]

Read more »

Déjà Vu – The Sykipot Attack on Smart Cards

by Mark Diodati  |  January 15, 2012

Kelly Jackson Higgins at Dark Reading provides an excellent summary of the Sykipot malware variant attack on smart cards. The malware opens the smart card and uses it for private key signing functions. Signing functions are the backbone of public key technology—they enable users to authenticate to mutually authenticated SSL and Microsoft Windows sessions, for example. […]

Read more »

How Soon is Now: NFC Smartphones and Physical Access Control Systems

by Mark Diodati  |  October 31, 2011

You may have read about a recent pilot at Arizona State University, where 30+ students used their smartphones augmented with NFC (near field communication) to access facilities at the college. Instead of building access cards, the students used their smartphones. The pilot has fueled an already intense industry interest regarding the use of NFC and […]

Read more »

Of Identities, Clouds, and Bridges

by Mark Diodati  |  October 20, 2011

In response to the large number of client inquiries about identity management and the cloud, Gartner has recently published a research document that discusses identity management as a service (IDaaS)—turnkey identity management services that exist in the cloud. In the document (Market Profile: Identity Management as a Service (IDaaS) [subscription required]), I discuss over 20 vendors […]

Read more »

Quest Acquires Symlabs

by Mark Diodati  |  June 6, 2011

Quest is actively building out its identity management product portfolio.  Some notable acquisitions: Vintela (Active Directory Bridge – 2005) Völcker Informatik AG (provisioning/access governance – late 2010) e-DMZ Security—privileged account management – early 2011) Today, Quest announced the acquisition of Symlabs, a vendor with virtual directory and federation products. In its early days, virtual directories […]

Read more »

The Seed and The Damage Done: RSA SecurID

by Mark Diodati  |  June 2, 2011

The fallout from the March attack on RSA has arrived. Per the news agencies—and the excellent blog post by Bob Cringely—several large defense contractors (Lockheed Martin, L-3, and potentially Northrop Grumman) were attacked using the information stolen in the March attack. The tokens associated with the stolen information should now be considered compromised. Recent events […]

Read more »

SCIM and the Future of Standards-Based Provisioning

by Mark Diodati  |  May 6, 2011

Here at Gartner/Burton Group, we have been closely tracking identity standards—including Service Provisioning Markup Language (SPML)—since 2003. The standard has some serious flaws, which we have articulated in our research documents and blog posts. In the summer of 2010, the participants at the Gartner Catalyst Conference Standards-Based Provisioning Special Interest Group issued a consensus statement […]

Read more »

Perspectives on OTP Authentication and Migration

by Mark Diodati  |  April 1, 2011

At last measurement, authentication dialogues were 25% of the total number of dialogues in our Identity and Privacy Strategies service. A common dialogue request goes something like this: “We have a one-time password (OTP) authentication solution. We want to evaluate another vendor’s lower cost OTP solution, or a smart card solution for physical and logical […]

Read more »

RSA SecurID: What If?

by Mark Diodati  |  March 22, 2011

While we wait for more information from RSA about the recent attack on its SecurID tokens, I’d like to revisit a potential attack vector that I discussed in my first blog entry on the topic (March 18). The OTP device’s seed and the serial number are present during the manufacturing process. What if the OTP […]

Read more »