Products of the Year: Identity management

Information Security magazine unveils its identity management products of the year.

GOLD MEDAL: Control-SA
BMC Software, www.bmc.com
Rating: 76

The umbrella of identity management covers a lot of ground: passwords, authentication, access control, provisioning and auditing. Probably the most powerful tool in identity management remains BMC Software's Control-SA, which gives enterprises broad control over user accounts.

Here's the problem facing enterprises: You must provide users with access to multiple systems on different platforms, have the ability to monitor and audit their access to systems, and revoke permissions and accounts on a moment's notice. Control-SA was one of the first tools on the market to address these bedeviling problems.

"BMC Software has a mature product," says the VP of risk management at a large financial services firm. "It has a lot of functionality, and it covers a lot of platforms."

Control-SA's features give enterprises extensive power to provision, control and audit access to IT systems on different platforms. It uses group-based rules to provide users with access based on their departmental assignments, but also has the power to provide exceptions so certain users will have greater or lesser rights.

Managing user accounts also means periodic maintenance and modification. Control-SA has tools for adjusting access rights, such as removing certain permissions when a user changes jobs or requires special access for projects. It also automates account revocation, ensuring that an account is closed as a user's employment is terminated.

Auditing is critical to good identity management, especially in this age of Sarbanes-Oxley compliance. Control-SA comes with tools for identifying unauthorized use, improper permission and inactive accounts. This gives enterprises the ability to lock down accounts and demonstrate the strength of their security and integrity programs to regulators.

An added benefit is Control-SA's self-service password management system, which allows users to reset passwords across multiple platforms and cuts help desk costs.

"The self-service password reset works great," says a CISO. "There are a lot of cost-savings on the help desk."

Other vendors offer similar, worthy products, but BMC's Control-SA remains the leader and well-deserving of the gold award.

SILVER MEDAL: SSL Certificates
VeriSign, www.verisign.com
Rating: 75

USER COMMENT: "It integrates well with other products. VeriSign is world class and good for secure communication."

BRONZE MEDAL: Sun Java System Identity Manager (formerly Lighthouse)
Waveset (a subsidiary of Sun Microsystems), www.sun.com
Rating: 74

USER COMMENT: "Sun has a great LDAP server integrating with Waveset's identity management solution; they seem to work well together."

2004 PRODUCTS OF THE YEAR


This was first published in January 2005

Dig deeper on PKI and Digital Certificates

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close