IBM Betting Big on Identity Management

By John Desmond

(Back to article)

To IBM, identity management is bigger than big. IBM has always put a high priority on account control, and identity is inextricably linked to accounts. In the last few years, IBM has rounded out its identity management product offerings by making acquisitions, developing new products internally, integrated existing products, and forming partnerships.

At the same time, IBM is attempting to stay neutral and not require its customers to get locked into its own identity management products. The company is incorporating standards and supporting a range of directories, application servers, and databases.

IBM Goes Shopping for Identity Management

In mid-2000, IBM had a few loosely related identity and security products. In the approximately 30 months since then, IBM has invested in its directory services product, IBM Directory Server, filled in missing technology with acquisitions, and given its identity management effort a home in the Tivoli Division.

"IBM Tivoli Access Manager is a cornerstone of the play, with more customers and generating more income than other products in the suite," says Mike Neuenschwander, senior analyst with Burton Group, who issued a report in April 2003 titled, "IBM's Big Bet on Identity Management; Win by Breadth and Depth."

In 2002, IBM acquired two identity management companies: Metamerge, a maker of meta directories, and Access360, a provisioning company. Since then, IBM has been working to integrate the acquired products into the line and reduce overlap with existing products. "Customers have been griping a little about the integration issues," says Neuenschwander, acknowledging that prior to the acquisition, customers would have had multiple vendor relationships and completely separate products.

Joe Anthony, program director, security market management for IBM Tivoli, said the focus is on building a foundation for identity management within the enterprise. "It is typical for a large enterprise to have over 100 repositories for identities, in e-mail directories and applications," he says. "Where you are going to keep the authoritative source of identity information is the question."

The products in IBM's identity management line include:

  • IBM Tivoli Privacy Manager: An IBM-developed product used to grant access to certain records and databases, depending on the authority and job responsibility of the user. Privacy Manager is useful for proving compliance with government privacy and other regulations. It's based on the Platform for Privacy Preferences (P3P) specification of the W3C.

  • IBM Tivoli Security Compliance Manager: An IBM-developed product used to examine individual desktop and laptop computers for compliance to corporate policies on software and configurations. The server-based product allows administrators to maintain compliance without visiting individual machines. The product has its roots in IBM Global Services, which developed it from some of its engagements.

  • IBM Tivoli Risk Manager: An IBM-developed product that feeds information from identity management products into a single event console. The product can accept information from approximately 70 devices, such as Cisco firewalls.

    This article was first published on Inside ID, a JupiterWeb and EarthWeb site. To read the entire article, click here.