Identity Management: New Challenges Demand New Solutions

IBM Launches IBM Identity Management Services to Help Clients Tackle Their Current and Emerging Identity Theft Challenges, Enable New Business Opportunities

Select a topic or year

ARMONK, NY - 14 Feb 2006: IBM today launched IBM Identity Management Services (IDMS), an end-to-end portfolio of capabilities that cover the entire identity management lifecycle -- from identity proofing, to user provisioning, to access control.

Organizations depend on identity systems to run their businesses every day, and to enable the products and services that will drive competitive advantage for them in the future. But there are increasing challenges. Identity theft, one of the fastest-growing crimes in the country, has already touched one in every 20 adult Americans, according to the FTC. So, as businesses grapple with identity management issues across an increasingly heterogeneous mix of infrastructures and environments, it is becoming increasingly important that they leverage identity management solutions that can help simplify their IT infrastructure, reduce risks and support business initiatives focused on revenue growth or profit improvement.

Incorporating a broad set of solutions, IBM Identity Management Services allow organizations to engage at any point in their identity management lifecycle and at every level of an organization, from business strategy, to applications, to IT infrastructure. The IDMS approach is designed to provide more robust identity management by reducing the number of systems involved; reducing costs by automating and lowering technical support needs; increasing efficiency of access control processes, improving productivity and usability for both users and administrators; and helping clients meet their ever-growing regulatory compliance needs.

"While people often think of identity management in 'defensive' terms, one of the most important benefits of IDMS is that it can help organizations to enable new services and business models that might otherwise be too risky too implement," said Cal Slemp, IBM's vice president of security and privacy services. "Financial institutions, for example, are under increasing pressure to eliminate business line silos and take a company-wide view of their customers, in order to better provide them with the products and services that meet their individual needs. Yet, this imperative challenges traditional identity management processes, controls and governance structures. IDMS is designed to help our clients minimize risk and fraud loss, as well as, help them develop the new processes and governance they'll need to offer robust identity-based products and services."

IDMS was also created with the understanding that identity theft and other identity issues are moving targets. For example, in its most recent Global Business Security Index Report, IBM's Global Security Intelligence team reported the growing prevalence of "spear" phishing, a highly targeted form of spam e-mails that cause much of today's identity theft. Phishing overall is on the rise, accounting for an average of one in every 304 emails, compared to one in every 943 in 2004.

On the other side of the equation, regulatory directives, policy recommendations and evolving best practices are effecting change in identity management competencies such as strong authentication. For example, the U.S. Federal Government's HSPD 12 initiative establishes stronger, more uniform standards for issuing government identity credentials. The interagency Federal Financial Institutions Examination Council (FFIEC), which promotes uniformity in the supervision of financial institutions, recently issued new guidance on the risks and risk management controls necessary to authenticate the identity of customers accessing Internet-based financial services.

To address these and other current and emerging needs, IDMS offers a portfolio of complementary services that can be implemented as integrated solutions or individual components. Key elements of IDMS include briefings, assessments and workshops; industry-specific identity management architectures and custom design services; and solution implementations and hosted services. IDMS utilizes best-in-class identity management products and technologies from IBM Tivoli and key IBM Business Partners including, ActivIdentity, ADT Security Services, Axalto, Cogent Systems, Encentuate, Exostar, GE Security, Lenovo, Passlogix, Verisign, Viisage, and others.

IDMS and the IBM Information Security Framework

IDMS also utilizes IBM's Information Security Framework (ISF), which was also announced today. The ISF is an IBM intellectual property asset that is designed to help clients better understand their entire security landscape. When ISF and IDMS are leveraged together, clients can reap the benefits of an even more robust set of assets and services to help them meet their security needs.

IBM developed the ISF in response to clients' needs to simplify and speed the planning and execution of their security programs. The ISF covers eight core areas and provides "best practices" developed by IBM professionals for planning and deploying the necessary related capabilities, organized in multiple maturity levels. These areas are:

-- Governance
-- Privacy
-- Threat mitigation
-- Transaction and data integrity
-- Identity and access management
-- Application security
-- Physical security
-- Personnel security

The ISF is designed to enable clients to review and assess their entire security landscape and develop a pragmatic, applicable roadmap to maintain an effective security program based on their needs. It builds upon IBM's research, extensive portfolio of security offerings, and leadership in performing assessments and developing, deploying and managing security solutions for clients globally.

For more information on IBM Identity Management Services and IBM's Information Security Framework visit

Related XML feeds
Topics XML feeds
Chemistry, computer science, electrical engineering, materials and mathematical sciences, physics and services science
Services and solutions
Information Management, Lotus, Tivoli, Rational, WebSphere, Open standards, open source