IBM whips out its checkbook to buy ID management specialist Lighthouse Security Group

2 Comments

Cloud is hot. Security is hot. Identity and access management (IAM) is hot. Which is, no doubt, why IBM(s ibm) is buying Lighthouse Security Group, an IAM specialist, just weeks after buying Crossideas, another IAM provider. Terms of the deal were not disclosed.

Lighthouse Security Group is a subsidiary of Lighthouse Computer Services, Inc., a Lincoln, Rhode Island–based IBM partner that also has ties to defense contractor Lockheed Martin(s lmi). Its strength is in allowing big companies to manage the identities of employees, customers and suppliers across cloud applications that the company does not necessarily control.

Now that almost everyone has social network accounts, organizations have to be able to manage user identities across those sites so that, say, a partner or customer executive with a LinkedIn(s lnkd) account can access some corporate assets but be blocked from others. “If you are on Facebook(s fb) and LinkedIn and are a customer in my directory, I need to figure out who you are and interact with you in a seamless way,” said Kris Lovejoy, IBM’s GM of security services.

That’s the capability Lighthouse Gateway provides, Lovejoy said. Crossideas, on the other hand, helps large organizations manage people with a lot of roles and ensure that, based on their role, they can’t do unsafe, non-compliant or illegal things. “For example, governance says if you create an account, you probably shouldn’t be able to write checks on that account,” Lovejoy said. Crossideas checks for conflicts like that.

IBM rivals Oracle (s orcl) — which just bought TOA Technologies to beef up its ERP platform — SAP (s sap) and Microsoft(s msft) are all buying companies to plug gaps in their respective cloud platforms. This buying spree shows no sign of abating. And in a world where nearly every business uses multiple clouds and SaaS applications and social networks, IAM looks to be a hot commodity for some time to come.

Kris Lovejoy, GM of security services for IBM.

Kris Lovejoy, GM of security services for IBM

2 Comments

RJP

Let’s not over-egg the social identity pudding.

Mechanisms like OAuth and OpenID are very useful and solve some identity management problems. But as things stand right now, out of the three basic functions of digital identity – identification, continuity and assurance – they only really simplify identification for service providers, and continuity of identity users.

We still have a long long way to go, and there are probably less than a hundred people in the world who really understand the challenge the internet poses to our traditional notions of identity.

Barb Darrow

Ok, i cannot wait to use “overegg the pudding” in a story…. thanks

and point taken… lot of stuff going on here in this field.

Comments are closed.