For decades, identity management has played a major role in enterprise security.But SoMoClo changes it all: as cloud computing, mobile device access and social networking redefine the network boundary, identity is taking center stageThe walled fortress is done:The perimeter is no longer defined by your network and your definition of secure, non-secure, internal or external is irrelevant. With a fluid enterprise, users and the devices used to access your critical data are multiplying. Add virtualization, public, private and hybrid cloud environments to the mix, and you get a Volatile, Uncertain, Complex and Ambiguous (VUCA) network. With less physical control, it's not about securing what's behind your firewall, but securing what's beyond.Status quo not an option:Get identity right and you'll harness the power of these disruptive mega-trends for a competitive advantage. Get it wrong and entering this new world order will be painful, costly and potentially impossible.IDC shows 2010 IAM revenue at $3.7 billion and forecasts that the market will reach $5.5 billion by 2014. This is license and maintenance revenue only and is exclusive of managed service provider revenue (e.g., Accenture and Deloitte). Centrify also plays in the privileged identity management market; IDC sees this is a competitive market within IAM. PIM is critical to companies today as implementation drives the ability to monitor, track, and evaluate how access rights are being used deeper by focusing on the privileged user environment within an organization. PIM is projected to reach $425 million in software revenue by 2015.
Add’l Highlights from Forrester report around ENDPOINT:- Managers and execs are more than twice as likely to use Apple products.- Younger info workers are twice as likely to use Apple products as older ones.- Higher income workers are more likely to use Apple products.Note: The use of Apple products is pretty strong down the income scale. Most of our sample of 10,000 global info workers earns less than $50k, but the adoption rate of Apple products is almost 17% even in the bottom quartile of workers who make less than $12k per year.Info workers in countries outside North America and Europe are more likely to use Apple products for work.While North American companies no doubt like to save money, ease and speed of deployment are their top two reasons for SaaS adoption, followed by lower total cost of ownership, according to the Gartner research. North American companies also value SaaS' ability to lower capital expense more highly than their global counterparts do, says Gartner Research Director Sharon Mertz.CRM is the top SaaS application across all regions, almost surely due to the dominant position of Salesforce.com. North Americans are more likely than other regions to use SaaS Web conferencing, e-learning and travel bookingReferenceshttp://blogs.gartner.com/thomas_bittman/2012/03/21/top-five-server-virtualization-trends-2012/http://www.bloomberg.com/news/2012-05-24/vmware-declines-on-slower-growth-warning-san-francisco-mover.htmlhttp://www.mendeley.com/research/virtual-machines-market-share-through-2012/http://blog.sciencelogic.com/server-virtualization-management-and-more-at-gartner-summit/06/2010http://www.unitrends.com/blog/hyper-v-vmware-es-2012/http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0http://techcrunch.com/2012/01/25/android-may-have-consumer-market-share-but-ios-is-tops-in-enterprise/http://www.imore.com/2012/01/27/ios-beats-android-enterprise-activations/http://www.itbusinessedge.com/cm/blogs/all/gartner-saas-growth-shows-no-signs-of-slowing/?cs=48600http://www.gartner.com/it/page.jsp?id=1791514http://softwarestrategiesblog.com/tag/idc-saas-forecasts/http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0
Information risk management moves form the data center to the board room - Board room risk profiling will focus on information risk management and ways to connect strategy, risk management and policy directly to system level protection. - Most organization will be looking to implement guidelines similar to NIST SP 800-39 (Managing Information Security Risk Organization, Mission, and Information System View which provides framework for considering/implementing corpinforrmation security governance)Congress will enact more regulations to require enhanced controls - Bottom line: Threats will increase and regulation at State and Federal levels will become more stringent especially in the area of fines.Organizations will be required to tighten baseline controls and implement active monitoring - Outsourcing, the move to the cloud and shared environments will require locking down and tracking access to sensitive systems regardless of where they reside… - Some service providers are accepting risks that their clients are not fully aware of… organziations will need to have their own controls to secure access and track activity to manage their risk appetite while taking advantage of outsourcing, shared infrastructure economies of scale
