Tivoli ID Manager Update Backs IBM Security Strategy

IBM pushes ahead with its security strategy with the release of a new version of Tivoli Identity Manager.

IBM has launched a new version of its Tivoli Identity Manager with an eye toward easing deployment and delivering on its promise of end-to-end security.

With Tivoli Identity Manager 5.0, IBM delivers a major addition to its identity management portfolio, which is an important element of its security strategy for 2008, IBM officials said.

"One of the big challenges we've seen so far is that other vendors have taken the approach of looking at this from an IT security perspective only," said Chris Bauserman, IBM Tivoli security and compliance product manager.

"But really, with the deluge of compliance requirements … controlling who has access to what information for what business reasons becomes a business problem, not just an IT security problem. What we did in [Version] 5 is to make sure that we also include security and user access rights in business language, so that marketers, managers and auditors understand what users can really do with the access rights."

That meant new out-of-the-box instructional wizards, templates and best practices to speed deployment and cut the learning curve required for new users. The software automates the task of setting up new accounts and passwords for users and provides a centralized point for administering it all, ensuring that business and security policy is set on all systems and applications across the company, IBM officials said.


Click here to read more about Tivoli's security compliance management product.

The product automatically remediates and removes noncompliant access rights through a periodic management review and sign-off. It also integrates tightly with IBM Tivoli Compliance Insight Manager, an enterprise security audit and compliance management product that produces audit reports that map to regulations and best practices.


Tivoli Compliance Insight Manager was released in November when IBM announced a broad security initiative for 2008. The company plans to invest $1.5 billion in security-related efforts to help the company become a more prominent player in what is estimated as a $100 billion global security market. As part of that effort, IBM has carved security into five domains: Information Security, Threat and Vulnerability, Application Security, Identity and Access Management, and Physical Security.


Today, Tivoli commands a significant share of the market for identity management, along with CA and Sun Microsystems. In a July report, IDC positioned IBM atop the $3 billion identity and access market in 2006, ahead of CA.

IBM's strategy of offering end-to-end security by leveraging multiple products may appeal to some customers looking to solve their identity access and management problems with a suite of products.

"Customers still make individual product decisions at least as often as suite or portfolio [decisions] if not more often," said Earl Perkins, an analyst at Gartner.

That is precisely what the company is hoping for, Bauserman said.

"[For] a lot of customers who, today, may be living with a patchwork of homegrown systems, this will now allow them to move to a comprehensive, centralized solution," he said.

Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK's Security Watch blog.