pricing for abandoned HP Identity Center security software customers aimed at helping them benefit from IBM's broad capabilities for securing and efficiently running IT for their business.

IBM also today announced new application security software and four new worldwide Trusted Identity Centers of Excellence to help organizations tie together physical and digital security to better manage the identity lifecycle of their customers and workforce. These efforts further demonstrate IBM's commitment to provide new capabilities that support the growing business need for identity management and security.

HP entered the identity management space with three successive acquisitions -- Baltimore Technologies in 2003, Trulogica in 2004 and Trustgenix in 2005 -- but then announced this year that it was stopping direct business focus on identity management while steering customers to other providers.

In response to HP's discontinued identity management products, IBM offers competitive migration pricing for software and migration services through IBM Internet Security Systems (ISS) to provide stranded HP customers the opportunity to efficiently convert from HP software to IBM's security offerings, such as IBM Tivoli Identity Manager, IBM Tivoli Access Manager for e-Business and IBM Tivoli Federated Identity Manager. IBM continues to strengthen its identity management commitment, most recently evidenced by the acquisition of Encentuate in March and release of the new Tivoli Access Manager for Enterprise Single Sign-On in September, adding new capabilities to help enterprises of all sizes minimize risk and cut operational costs through security.

Identity and access management software -- which helps organizations define IT system user roles and manage who has access to what applications and information -- was a $3.1 billion worldwide market in 2007, expected to grow to $5.3 billion by 2012 ⁽¹⁾ and is a major pillar of any service management strategy that manages IT data centers and technical infrastructure. Identity and access management software is critical to enterprises of all types, particularly businesses involved in transactional activity such as banking and retail, as well as medical institutions seeking to protect the privacy of patients.

"HP's decision to throw in the towel on its identity and access management software line has left a void for customers," said Al Zollar, general manager, IBM Tivoli Software. "Obviously security software is a critical linchpin for protecting a company's global assets and reputation. IBM is committed to delivering a comprehensive portfolio of security software and services."

According to a recent market share report from analyst firm IDC, IBM leads all vendors in worldwide revenue for identity and access management (1). As a leader in overall IT operations management software, IBM credits its success to the ability of its software to provide increased value when linked together, in addition to a coordinated development roadmap and highly skilled consulting and services support.

As Internet use for business purposes continues to rise, the threat of securing Web applications from hackers, while maintaining compliance with mandatory business regulations, is top of mind for organizations. Implementing proactive measures to identify and fix vulnerabilities across the software delivery process is instrumental for reducing risk and cost. Building on top of IBM's security foundation of identity and access management, IBM also announced new offerings to help customers secure their software applications: 

• IBM Tivoli Security Policy Manager -- Brand new IBM software that provides customers the ability to develop centralized security policy management for managing application entitlements driven by compliance, data security and intellectual property protection. The adoption of SOA and Web 2.0 technologies poses unique security policy management challenges for managing user entitlements -- the loose coupling of services and mash-up applications across a business creates multiple policy management points, each of which may require its own administration. The IT reality to manage these policies and entitlements in an environment full of different vendors' technology is manual, error-prone and creates costly islands of security administration. Tivoli Security Policy Manager, available by end of 2008, provides standards-based, centralized application entitlement and SOA security policy management capabilities to help users strengthen access to new applications and services and improve policy compliance and operational governance.
• IBM Rational AppScan Developer Edition -- New software, announced September 22, designed to lower business risks and reduce costs associated with conducting business on the web. Through the availability of Rational AppScan Developer Edition, IBM helps organizations take a preemptive approach to application security by providing resources needed to find security and compliance flaws at the earliest stages of the development process, before they ever pose a real risk or become highly costly to fix. IBM is the only company to offer security solutions that span all areas of application delivery, including the development, testing, deployment and operational phases. IBM Rational's portfolio for application security also includes: IBM Rational AppScan Standard, IBM Rational AppScan Enterprise, IBM Rational AppScan Tester Edition and IBM Rational AppScan Build Edition. To learn more, please visit: www.ibm.com/software/rational/offerings/websecurity/. 

New Trusted Identity Centers

IBM's four new IBM Trusted Identity Centers of Excellence also announced today -- based in Dallas, Texas; San Jose, California; Bangalore, India; and La Gaude, France -- extend IBM's identity management capabilities, helping customers link together physical and digital identities and improve trust and confidence in identities. The centers are staffed with skilled services leaders, architects and developers to assist customers with programs to manage the lifecycle of identities.

Billions of identities -- ranging from digital passwords to employee badges and driver's licenses -- are used each day to complete various types of transactions both on-line and in-person, granting individuals a wide range of physical and digital access privileges. As the number of identities and related theft rates continue to rise, the ability for organizations and individuals to trust that people, in fact, "are who they say they are" has become paramount, particularly in the global economy.

IBM's Trusted Identity initiative utilizes the company's security software technology and deep industry and security expertise from across IBM. It focuses on helping customers manage the identity lifecycle starting with the establishment and creation of new relationships through the use and upkeep of those relationships. These interactions between individuals, businesses, governments and organizations have evolved with a dependency on the integrity and strength of identity credentials. By establishing trusted relationships, and issuing strong, secure credentials, organizations can use these relationships to their full potential and reach consumers, employees and constituents in new ways.

IBM is working with the Insurance Corporation of British Columbia (ICBC) to help provide a security-enhanced driver's license program built on IBM's Trusted Identity capabilities. ICBC, which is responsible for driver and vehicle licensing and public insurance in the Canadian province of British Columbia, has selected IBM to help develop and produce new, security-enhanced driver's licenses and provincial ID cards for its customers.

As a trusted form of government-endorsed photo identification, driver's licenses are a favorite of identity thieves. Falsified licenses can be used illegally to obtain a bank account or credit card and gain access to government services and benefits.

"A fraudulently obtained driver's license can have serious economic, security and road safety impacts when used for criminal purposes or by dangerous drivers who have been prohibited from operating a vehicle," said Kathy Thomson, manager of provincial licensing, ICBC. "With the help of IBM, the new, more secure driver's license will help reduce the risk of these types of issues in the future."

⁽¹⁾ Source: IDC Worldwide Identity and Access Management 2008-2012 Forecast and 2007 Vendor Shares, August 2008, (doc # 213650).

Information Source:    IBM