STKI Summit 2009 -Infrastructure Services Trends

Your Text here Your Text here

Shahar Geiger Maor
VP & Senior Analyst
shahar@stki.info

Visit My Blog: http://shaharmaor.blogspot.com/

1

Agenda
Information
1 Information Security Security

2 Communication
Networking Networking

3 Green IT Green IT

Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2

2009: Application to-do-list
a. Flexible staffing based on good temps vendors
b. Contract renegotiations and multisourcing of temps
c. Requirement and portfolio management and rationalization
d. Maintenance and requirement release management
e. Application integration, reuse, atmaa and SOA
f. Automating and outsourcing testing
g. ERP instance consolidation
h. Application Hosting and SaaS
i. New licensing strategies
j. Self service software (even e-learning)
k. User authentication and password management
l. Automated compliance software


2009: Infrastructure to-do-list

a. Desktop simplification
b. End-user help desk
c. Green IT and recycling
d. Consolidation of servers, storage and end ser platforms
e. Demand management
f. Storage management and rationalizing
g. Exception oversight
h. Bandwidth prioritizing
i. Open source software
j. Print management
k. Hosting and utility computing

Information Security
Information
Security

GRC and Security market size (Ms of $)

Your Text here 2008 2009 Your Text here 2010
Governance & Risk Management
(also BCP) 35.0 42% 50.0 50% 75.0
Security (projects) 95.0 -10.53% 85.0 11.76% 95.0
Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0
Total 220 0% 220 14% 250


Information

Security/Privacy In the News Security
-Trends



Information

Security Trends Security
-Trends

Cloud
Outsourcing cyber crime Virtualization
computing

Sensitive or
Inability to properly
confidential
identify and
Your Text here information may Your Text here
authenticate users
not be properly
End-user’s to multiple systems
protected
organization is
External threat of
unable to control
organized cyber
the data
criminal syndicates
management
environment Unauthorized
Third parties might
parties might be
be able to access
able to access
private files without
private files without
authorization
authorization


Information

Security Trends Security
-Trends

Data breaches
involving Peer-to-peer file Web 2.0 and
Mobility
personal sharing mesh-ups
information
Unsupervised
Use of P2P monitoring of
Your Text here Sensitive or might result in Your Text here
confidential the loss of employees’ use
Inability to
information that sensitive or of Web 2.0
properly
ends up in the confidential applications can
identify and
hands of cyber business result in the loss
authenticate
of critical
remote users criminals and information confidential
identity thieves including trade
secrets business data
on the Internet


Information

Underground Economy Security
-Trends

Items for sale on underground servers, appearance and price:


Source: Symantec

Information
Technologies Categorization 2009 Security
-Trends

Business Value
Investment
to make money Remote
Access
Cut costs, Increase Manage Sec.
productivity IAM/IDM Services IT Project
Business
SSO Cloud Project
App.
Your Text here Anti Your Text here
Sec. DLP Size of figure =
Commodity IT X Mobile
complexity/
EPS SIEM/SOC Sec.
Services cost of project

DB
Vir.
Network NAC
Sec. Sec.
Security
Investment
for regulations
GRC
Using Implementing Looking
Market Maturity

Information

STKI Madad 2008-2009
Security
-Trends

Network DLP Hardening
Market Players
5% 4% 3%
5%
Access
GRC 18%
5%
Miscellaneous EPS/Anti x
6% Your Text here Your Text here
14%

NAC DB Protection WAF & Apps
6% 7% 11%
Management Trends
8% 8%


Information

Security Ratios Security
-Trends

Organization Type Ratios of Security
Personnel (Israel)

Average Public Sector 0.1% of Total Users

Sensitive Public Sector 0.5% of Total Users


Information

Sophisticated Threat Environment Security
-Trends

First-Stage Second-Stage
Writers Middle Men End Value
Abusers Abusers

Hacker or Fame
Tool Writers
Direct Attack
Compromised
Host and
Application Theft
Malware Machine Extortionist
Writers Harvesting DDoS for Hire
Botnet Creation Espionage
Worms Spammer Text here
Your Text Information
here Your
Harvesting Botnet Extortion
Management
Viruses Internal Theft Phisher
Abuse of Commercial
Privilege Personal Sales
Trojans Information Pharmer/DNS
Poisoning Fraudulent
Sales
Information
Spyware Brokerage Identity Theft
Click Fraud
Electronic IP
Leakage Financial Fraud
Source: Cisco Israel

Information

Application Security Security
-App. Sec

STKI observation: Secure development should be an
integral part of any new project and therefore should be
calculated within the project’s budget. STKI survey shows
that spendings on secure development scale from 0% of
total project budget (Main-Frame based projects) up to
10% ( core web applications projects) of total project
budget. here
Your Text Your Text here
Average spending on secure development is 5% of total
project budget (including: training, code review and
penetration tests)


Information

Web Applications - Vulnerabilities Security
-App. Sec

Probability to detect vulnerabilities of
different risk degree (results of 32,717 sites
and 69,476 vulnerabilities of different
degrees of severity)

% Sites (All) % Sites (Scanned) % Sites (Black & Whitebox)

Source: http://www.webappsec.org/projects/statistics/

Information

Web Applications -Vulnerabilities Security
-App. Sec

Vulnerability frequency by types:
1. Cross-Site Scripting and SQL Injection vulnerabilities usually appears due to
system design errors
2. Information Leakage and Predictable Resource Location are often connected with
improper system administration (for example, weak access control)


Source: http://www.webappsec.org/projects/statistics/

Information

Application Security –Dev. LifeCycle
Security
-App. Sec

Security & Privacy Training Security
Security Security Security Final
Security & Security
& & Public Security
Security & Security Arch & Privacy & Push Security RTM
Privacy Privacy Release Servicing &
& Cost Privacy Attack Surface Best Dev
Docs
Best
Privacy
Privacy
& Or
Response
Privacy Analysis Design Review Practices
and Tools
Test
Response
Review Pen
Privacy RTW
Execution
Kickoff Best Risk For Plans Reviews
and Tools Practices Testing
Practices Analysis Product

Traditional Microsoft Software Product Development Lifecycle Tasks and Processes
Design Code
Feature Lists Testing and Verification Product Support
Specifications Signing +
Quality Guidelines Service Packs/
Checkpoint RTM
Arch Docs QFEs Security
Development Express
Schedules Functional Bug Fixes Signoff
Updates
Specifications of New Code

Support
Requirements Design Implementation Verification Release &
Servicing

Source: MICROSOFT SECURITYremove source or attribution from any graphic or(SDL)ofGUIDE
Shahar Maor’s work Copyright 2009 @STKI Do not DEVELOPMENT LIFECYCLE portion graphic 18

Application Security Information
Security

–Israeli Players and Positioning -1Q09
-App. Sec



Information

Web Application Firewall Security
-App. Sec

What is it?
"An intermediary device, sitting between a web-client
and a web server, analyzing OSI Layer-7 messages for
violations in the programmed security policy. A web
application here
Your Text
firewall is used as a security Your Text here
device
protecting the web server from attack.― (WASC)


Web Application Firewall
Information
Security

–Israeli Market Players
-App. Sec

Solution What Should I Know? Representatives/
Integrators
Applicure - dotDefender Host based Israeli WAF provider (On Apache and 2BSecure,
(Apache and IIS) IIS web servers). Awarded Frost & Sullivan Award Comtec,
for Successful Technology Innovation (Oct 08) Overline,
Msecurity,
Comda, New age
Barracuda - Web Provides single point of protection for inbound Trek-IT, ABnet
Application Firewall here
Your Text and outbound traffic for all Web applications. Text here
Your
(fromerly Appliance that has SSL Acceleration and Load
NetContinuum) Balancing capabilities.
Breach Security - Typically deployed in an out-of-line mode so it Direct sales
WebDefend present no latency threat to the network. Can
locate indications for poor web applications
design. Not quite common in Israel
Citrix - Application Strong attack detection and protection, traffic Aman Computers
Firewall (Formerly Teros) throttling and blocking. Excellent integration with
the NetScaler suite. Weak GUI compare to other
solutions. No projects in Israel yet.

Information
Security

–Israeli Market Players
-App. Sec

Integrators
Cisco* - ACE XML A key component of the Cisco ACE family. It Bynet, Taldor,
Gateway enables efficient deployment of secure, reliable, Bezeq Int.,
and accelerated XML applications and Web 2BSecure
services. Few Deployments in Israel
IBM* –Data Power Powerful XML FW with added values of WAF, load Tangram
balancing and applications acceleration. Very (Matrix), Elad
Your Text here strong presence in Israel as a XML FW solution. Group
Your Text here
Microsoft –IAG WAF IAG comes with built-in web application firewall Elad, Matrix,
for known web applications like: Outlook Web DBNet, HP,
Access, Share Point, iNotes, Domino Webmail, M-Security,
Microsoft CRM and more. Quite successful in Securenet
Israel
Protegrity - Defiance Based on KaVaDo, Strong presence worldwide, 012 Smile, Matrix
but few Israeli clients
Radware - AppXcel WAF Based on Imperva Bynet, Netvision
*Both Cisco ACE XML Gateway and IBM Data Power are not pure WAF players, but were added to the list

Information
Security

–Leading Players -1Q09
-App. Sec

Integrators
F5 - Application Security One of the best WAFs around. Features a good Trek-IT (Dis.),
Manager (ASM) policy toolset for adaptive learning. Offer strong Artnet,
integration to the TMOS family of products. Taldor, Spider,
Superb load balancing capabilities. One of two Bezeq Int., One
Your Text here leading solutions in Israel. Strong market Your Text here
NewAge, Netcom
presence
Imperva – SecureSphere The first in the Israeli market. Imperva has an Comsec (Dis.),
array of out-of-the-box policies and attack Netcom, Bynet,
signatures as well as superior learning mode . A Taldor, NewAge,
leading DB protection solution. Has a significant 012 Smile
market share


Information

Network Security Security
-Network Sec

Enterprise FWs have long become an essential security
foundation
FW selection should consider:
• Capabilities (especially deep inspection, blocking
Capabilities and throughput speed)
• Ease of deployment
• Integration with other network infrastructure
• Cost
The perimeter defense is not dead. Instead it got
thickened: Network complexity triggered the use of
virtual FWs running over one machine

Information

Network Security Security
-Network Sec

Business operations and networks have become very
complex
FW solutions should have strong management and
configurations capabilities in order to adjust themselves
(Next Generation FW): New versions Text here offer a
NGFW Your Text here Your of FWs
built in IPS solution. This convergence is logical since
both FW and IPS solutions are latency-sensitive and can
work together in high speed


Information

Israeli FW Market: Leading Solutions
Security
-Network Sec

Network FW market share as % of total deployments
100%
90%
80%
70%
60%
50% 92%
40%
30%
20%
10% 22%
0% 20%
14% 30%
CheckPoint Cisco
Juniper
Fortinet
Other


Israeli FW Market: Information
Security
Leading Solutions and Integrators -Network Sec

Checkpoint Juniper Cisco Fortinet
Bynet x x x
Taldor x x x
Bezeq Int. x x x
Netvision x x x
Netcom x x
012Smile x x
2Bsecure x
Your Text here x Your Text here
Artnet x x
IBM x
EDS (HP) x
Ness x
One x
Spider x
Matrix x
WE x
ICT x

Information
Israeli IPS Market: Leading Solutions Security
-Network Sec

IPS market share as % Of total respondents
40%
35%
30%
25%
20% 38%
15%
10% 21% 32%
5%
0% 9%

McAfee
IBM (ISS)
Juniper
Other/None


Israeli IDS/IPS Market: Information
Security
Leading Solutions and Integrators -Network Sec

McAfee IBM(ISS) Juniper Tipping point
(3COM)
Bynet x x x
2BSecure x x
Netcom x x
Aman x
Netvision x
Ness x
Taldor x
Spider x
Calcom x
WE x
Matrix x
One
Securenet x

Information

Network Access Control
Security
-Network Sec



Information

NAC Insights Security
-Network Sec

NAC has not been ―fully digested‖ by Israeli customers in
2008. There should be more activity in 2009
NAC can be deployed less expensively when it is an
embedded feature of an existing vendor and customers
take notice of it
Some network and security vendors alreadyText here
Your Text here Your have

solutions that can be part of the NAC process (AC, IPS) –
An important starting point for market domination
 Israeli customers first priority: implement a guest
networking control
Network or Security?
NAC is a Layer 2 vs. Layer 3 match

Information

NAC –Solutions Security
-Network Sec

Solution Value for Customer Notes

Access Layers – •Multiple switch vendor support Strong Israeli
Port Nox (Israeli •Agentless presence.
vendor) •Score based authentication Integrators:
•No 802.1x authentication Netcom, Netvision,
2BSecure, Trustnet
CheckPoint –NAC •Strong personal firewall and VPN client software Strength in NAC
(Israeli vendor) Text here
Your player Your Text depends on ability
here
•EPS & NAC functionality in a single endpoint client to compete in the
•OPSEC Alliance Endpoint
•ease of implementation in remote access applications Protection market!
CP is not a first
choice
Cisco -CNAC •Both Appliance & infrastructure-based approach Few projects and
•Support of non-traditional endpoints POCs in Israel.
•Large install base in Israel –cost effective solution Natural first choice
for many users

Information

-Network Sec


Enterasys -Sentinel •Cross-vendor platform Penetration mainly on
•MAC, 802.1x authentication and Enterasys install base in
more Israel. Netcom, Artnet
•Guest registration module are strong integrators

ForeScout -CounterACT (Israeli •Out-of-band NAC appliance No packet filtering
vendor) Your Text here •integration with a number of capabilities.
Your Text here
remediationdirectory solutions Few clients in Israel
•Built-in RADIUS proxy for 802.1X
support
HP Pro-Curve - •Both appliance-based and HP Pro-curve is gaining
Endpoint Integrity Agent ground in the Israeli LAN
•Strong management system market and therefore
(Identity Driven Manager) becoming an important
NAC player.


Information

-Network Sec


Insightix –NAC (Israeli •Real-time "state" of all devices connected Few implementations in
vendor) to the network Israel and abroad.
•Agentless visibility functionality Integrators: Bynet and
•Cross-vendor platform Overline
Juniper -UAC •Impressive array of enforcement options Some of the features
•supports third-party HW via 802.1x require other Juniper
Your Text here Your Text here in the
components
network (FW, IDS…)
McAfee -MNAC •comprehensive client security suite Best fit McAfee clients.
•One of the better integration strategies Strong EP player with NAC
with Microsoft NAP functionality

Microsoft -NAP •Has one of the strongest access and Integrate with many other
enforcement architectures NAC solutions. contributor
•Uses Forefront and AD for superior to the standardization of
policy management NAC
34

Information

-Network Sec


Nortel -SNA •Cross-platform device support unmanaged
•Appliance that collects contextual user and device
infrastructure information from multiple support -via NAP
network sources
Symantec -SNAC •Pure software-based solution Very good solution
•Provide strong threat protection solutions for EPS customers
Your Text here •One of the most comprehensive reporting Text here
Your
and auditing frameworks
XOR –SWAT •MAC based NAC Dozens of
(Israeli •Provides access control for switches and implementations in
vendor) devices that don’t support 802.1x Israel
•Cost effective 80-20 solution


Information

STKI Israeli Positioning
Security
-Network Sec

Not a technological positioning, refers only to Israeli market•
Focused on enterprise market (not SMB)•
Vendor A
Not an STKI recommendation•
Market Presence (X)  Vendor B
Local Support

Market share - existing and new sales (more emphasis) 
Mind share (how user organizations rate vendors) 
Local Support (Y) – is influenced by (X)  Worldwide
Leader
Experience & technical knowledge, localization, 
support, number and kind of integrators
Worldwide leaders marked, based on global positioning
Vendors to watch: Are only just entering israeli market
so can’t be positioned but should be watched
Vendors to Watch:
Vendor C
Market Presence

NAC Information
Security
-Network Sec
- Israeli Market Positioning 1Q09

Vendors to Watch:
HP Procurve
Check Point

Microsoft
Local Support

Cisco
Player
Symantec
Worldwide
Juniper XOR SWAT
Access Layers Leader
Enterasys Leap
McAfee
ForeScout
Insightix
Nortel
This analysis should be used with its
supporting documents

Market Presence

Information

Endpoint Security Security
-EPS



Information

Endpoint Security -Threats Security
-EPS



Information

Endpoint Security -Protection Security
-EPS
Organization

Outside


Information

-EPS
Organization

Outside


Information

-EPS

Anti X
DLP
Organization

NAC

Outside

Manageability


Anti -X Suites Information
Security
- Israeli Market Positioning 1Q09 (Enterprise Leaders Only) -EPS

Symantec
Local Support

McAfee
Trend Micro Player

Worldwide
Leader

Microsoft


Market Presence

Data Centric Security Data Centric
Security


Data Centric
Data Centric Approach Security


Build a wall – “perimeter “Business of Security” – Security
security” is built into the business process


Data Centric

Data Centric Security Arena Security

DLP ERM

Database
Encryption
Protection


Data Centric

Business
Efficiency

Ubiquitous Regulatory
access to
Your Text here
information Business Compliance here
Your Text
Goals for
Security
Today

Protection Protection
from of Assets
Financial from
Loss Threats


Data Centric

Develop practical
end–to-end solutions
that will protect your
information right
now with what you
Identifying, Defining
now have
& Assessing your Provide a pure and total
Data, Intellectual focus on this complex,
Capital and mission-critical area
Your Electronic Assets
Text here Your Text here

Security is
Business perspective an End-to-end view and full
approach – top down life-cycle security
ongoing
Process


Data Centric

Data Leak/Loss Prevention Security
-DLP



Data Centric

Data Leak /Loss Prevention Security
-DLP

 DLP is an overall framework into which different elements fit
 There are three types of data that may leak:
• Data at rest
• Data in transit
• Data on endpoints
 No single DLP focus area is full proof, an optimal solution
should cover all three areas
 DLP is a growing area, and vendors react accordingly
 It is suggested to use full-suite vendors in order
to avoid integration problems


Data Centric

DLP –Market Status Security
-DLP

DLP Deployments Status -Israel 1Q09

Solution Deployed
20%
Your Text here
PlanYour Text here
to Deploy
Not "There" Yet Soon
60% 20%


Data Centric

DLP–World Trends Security
-DLP


Source: Aberdeen Research

Data Centric

DLP –Market Status & Players Security
-DLP

World Leaders (consolidation in progress…):
• Symantec (Acquired Vontu, 2007, 350$ M)
• Websense (Acquired PortAuthority 2007, 90$ M)
• Reconnex (Acquired by McAfee, July 2008, 46$ M)
• Tablus Text here
Your (Acquired by RSA, 2007, 40$ M) Your Text here
• Vericept ? Workshare?
Main drivers for DLP are:
• Regulations such as Payment Card Industry (PCI),
Accountability Act (HIPAA)
• e-mail security, instant messaging (IM) and
endpoint monitoring solutions

Data Centric
DLP - Israeli Market Positioning 1Q09 Security
-DLP

Vendors to Watch:
ProofPoint
Workshare
IBM (ISS)
Local Support

Player

Worldwide
Leader
Websense
Fast
Movement

McAfee
Verdasys
Symantec
RSA

Market Presence

Data Centric

ERM
Security
(Enterprise Rights Management) -ERM

Enterprise Rights Management (ERM) technology—also
known as Enterprise DRM or Information Rights
Management (IRM)
What is it?
• ERMYour Text hereencrypting files that contain Your Text hereand only
entails content
allowing those users or devices that have proper
credentials to decrypt the files and access the content

Awareness of ERM has increased
ERM has been growing steadily since it became a
technology category unto itself about five years ago

Applications and File Formats Data Centric
Security

Used in ERM Implementations -ERM


Source: Gilbane Group

Data Centric

ERM –How Does it Work?
Security
-DLP

SQL Server
Active Directory 1. New user is authorized to use RMS

2. The User defines set of rules and content
usage rights for the data he wants to
share – He is the data owner
RMS Server 3. User distributes data to relevant recipients
4. When recipient tries to open a file –a
1 4 request is sent to the RMS Server in
order to authorize/deny access

5. RMS enforces rules made by the data
2 3 5 owner

Data owner Recipient

Source: Microsoft Israel

Data Centric

ERM -Israeli Market Players Security
-ERM

Microsoft -Rights Management Services
EMC- EMC Documentum IRM Product Suite
Oracle - Oracle Information Rights Management
Adobe –Adobe LifeCycle Rights Management
SU:
IsraeliYour Text here Your Text here

Secure Islands -A provider of an advanced information
protection and control (IPC) solution
Covertix –Develops innovative software technology to
track, monitor and control documents and files within
and outside the organization


Data Centric
Security
DB Protection –Market Status -DB
Protections

DB Protection Deployments Status -Israel 1Q09

Leading Israeli Players: Not "There"
•Sentrigo Yet
49%
•Imperva Plan to
•Oracle DB Vault Deploy Soon
•Guardium Text here
Your 30% Solution Your Text here
Deployed
20%
DB encryption: OtherDo Not
Decru –by NetApp Know
1%
Ged-i (Israeli SU): offers
high-level encryption to
Storage Data


Data Centric
Security
Masking of Production Data -Data
Masking

 What is it?
• The process of data masking is designed to ―de-identify‖ data,
such that the data remains based on real information, but no
longer has any practical usage or application
 What is the need?
• The drive to outsource and offshore application development
and Your Text here
testing work means that organizations will have little control
Your Text here
over who gets to see their data
• Test environments are not physically as secure as production
systems
 What can go wrong?
• Sensitive data might be downloaded to laptops and stolen
• Employees might misuse sensitive information and engage in
fraudulent activity


Data Centric
Security
Masking



Data Centric
Security
Masking


Source: Securosis.com

Data Centric
Security
Masking

Israeli market players (alphabetize):
• Compuware (File-AID) –Few
implementations
• DataVantage (Global)

• IBM (Optim) –Few POCs
• Informatica (PowerCenter) - Few POCs
• Oracle (Enterprise Manager Data Masking) –
For Oracle DBs only


SIEM/SOC SIEM/SOC


64

SIEM/SOC SIEM/SOC

 What is SIEM?
• Security Information & Event Management
 What is SOC?
• Security Operation Center

• Collects and analyzes all log data and basic event management
• monitors and manages all aspects of enterprise security in real
time, from a single, centralized location
• The NOC of security
 Why do we need it?
• Need for real-time awareness of internal/ external threats
• Ensure business continuity and comply with regulations


Silos of Redundant Information SIEM/SOC

Management


Source: Network Intelligence

An Enterprise Platform for Compliance SIEM/SOC

and Security

SIEM

Source: Network Intelligence

SIEM/SOC -Israeli Trends SIEM/SOC

CA has been the first to enter the market and gained
considerable market share in the high-end market
ArcSight was introduced two years later. This solution was
easer to deploy and much easer to manage
End ofYour Text here
2007: Symantec SSIM and RSA Envision were
Your Text here
introduced to the market, both easy to deploy, scalable
and relatively intuitive
CA has lost some of it market share to the other new
comers


SIEM/SOC -Israeli Players SIEM/SOC

Solution Leading Integrators
ArcSight We (Exclusive representative)
CA 1. Netcom
2. TrustNet
3. Ness
Cisco 1. Bynet
Your Text here 2. Netcom Your Text here
RSA 1. TrustNet
2. Xor
3. Bynet
IBM Ness
NetIQ Calcom (Exclusive representative)
Symantec 1. Netcom
2. Bynet


SIEM/SOC SIEM/SOC

- Israeli Market Positioning 1Q09
Vendors to Watch:
IBM -MSS
TriGeo
Local Support

ArcSight Player

Worldwide
Leader
RSA
Fast
Symantec
Movement

CA
IBM
Cisco
NetIQ supporting documents

Market Presence

Next Generation SIEM/SOC: MSS
SIEM/SOC
-MSS

What does MSS offer?
-Comprehensive solution for security management:
• Firewall/EP Management Service
• Intrusion Detection & Prevention Management Service
• Vulnerability Management Service
Why should we go there?
• Cost effective!
• Use of best-of-breed security
Why shouldn’t we?
• Who owns my data?
• No one else in Israel goes there…yet


SIEM/SOC
MSS Trends in Israel -MSS

STKI observation: MSS is well accepted in SMB
organizations, but Israeli CISOs in enterprises still
strongly oppose this trend

The current economic downturn should encourage
some enterprises to reconsider MSS
MSS providers addresses the management (CFOs and
CEOs) in order to attract new clients


SIEM/SOC
MSS –World Leaders -MSS

Delivery

Great Potential for:
•Current world leaders (IBM, Symantec)
• local ISPs
•Network integrators
•Traditional OS players

Market Penetration

(Source: Frost and Sullivan)

Identity & Access Management (IDM/IAM)
IDM/IAM



IDM Global Mega Trends IDM/IAM

 Fraud and identity theft will increase strong
authentication use

 Strong authentication and SSO will strengthen their ties

 Context-based authorization will put risk analysis here
Your Text here Your Text into
access control decisions

 Physical and logical security will continue to converge

 Federation will slowly grow


IDM/IAM Savings IDM/IAM


Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx

STKI Summit 2009 -Infrastructure Services Trends

STKI Summit 2009 -Infrastructure Services Trends

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (6)

Similaire à STKI Summit 2009 -Infrastructure Services Trends

Similaire à STKI Summit 2009 -Infrastructure Services Trends (20)

Plus de Shahar Geiger Maor

Plus de Shahar Geiger Maor (20)

Dernier

Dernier (20)

STKI Summit 2009 -Infrastructure Services Trends