CrossIdeas Acquisition Expands IBM's IAM Capabilities

4 August 2014 ID:G00269490
Analyst(s): Felix Gaehtgens, Steve Krapes

VIEW SUMMARY

CrossIdeas brings a rich set of capabilities to IBM’s identity and access management portfolio. IAM leaders will now have the option of a complete IGA platform from IBM.

News Analysis

Event

On 31 July 2014, IBM announced the acquisition of CrossIdeas, an Italian company specializing in business-driven identity governance, risk-based compliance and threat analytics. The CrossIdeas software is immediately available as an IBM product. All employees of CrossIdeas have become IBM employees.

Analysis

CrossIdeas brings capabilities that address several deficiencies within the IBM Security Identity Manager (ISIM) product. Many Gartner customers use ISIM primarily for user provisioning but need third-party products or custom developments to bridge ISIM’s gaps in delivering a business-centric user experience with governance capabilities for identity and access management (IAM).

IBM customers will welcome the opportunity to receive a complete IBM identity governance and administration (IGA) platform. This single-vendor concierge approach positions CrossIdeas at the “value intersection” for clients seeking business-centric IGA.

IBM was working to address the specific gaps in its ISIM product but could not reach parity with the capability of competing products. CrossIdeas, which has a business-centric focus toward identity governance and analytics, will bring these much-needed capabilities to IBM. CrossIdeas already provides a standard integration with ISIM.

IBM’s technical challenge is to create a comprehensive integrated system from two loosely coupled products with overlapping features. Its commercial challenge is twofold:

  • IBM must maintain functional and time-to-market parity with competitors that already offer integrated IGA.
  • IBM must commit to CrossIdea’s platform-agnostic architecture or restrict platform support in future versions without alienating existing customers.

While these are formidable tasks, the IBM Security organization has demonstrated some skill in acquiring and integrating technology into its IAM stack, including Dascom, Datapower and Encentuate.

Apart from addressing obvious ISIM gaps, CrossIdeas brings fine-grained segregation of duties controls for SAP and non-SAP environments, risk-based role mining, attribute based access control, IAM-as-a-service readiness, and compliance reporting based on the way auditors define policies. If properly executed, these functions could enable IBM to take a leading role within the IGA market. Assuming that IBM continues the same level of innovation on the CrossIdeas product, we believe the outlook is positive on the integration within IBM’s IAM stack.

This acquisition bolsters an IAM industry trend of including business-centric IGA and analytics features as a baseline for an IAM vendor product.

Recommendations

IAM Leaders:

  • If you are an IBM ISIM customer and require IGA or analytics features, evaluate the CrossIdeas product and analyze the feature gaps in your current product set.
  • If your organization is governance-centric and you have eliminated the IBM ISIM platform from your vendor shortlist, re-evaluate the new ISIM/CrossIdeas platform.
  • If you are a CrossIdeas customer, watch for pricing and platform support changes and the integration road map between ISIM and the CrossIdeas products.
  • If you seek an IGA solution, evaluate CrossIdeas as a stand-alone solution or as part of a broader IBM IAM portfolio.