Andras Cser

VP, Principal Analyst

Author Insights

BLOG

2013Q3 IAM Suites Wave is out today

Andras Cser September 4, 2013
In Forrester's 16-criteria evaluation of comprehensive identity and access management (IAM) suites, we identified the nine most significant vendors in the category — Aveksa, CA Technologies, Courion, Dell, IBM, NetIQ, Oracle, Ping Identity, and SecureAuth — and researched, analyzed, and scored them. This report details our findings about how well each vendor fulfills our criteria […]

RSA acquires Aveksa and finally joins the full-functionality IAM suites vendor party

Andras Cser July 9, 2013
On July 1, 2013, RSA acquired Aveksa for an undisclosed sum. The Aveksa access governance solution, which includes access request management and approval, attestation, role mining and management, user account provisioning, identity administration and auditing, will augment RSA's existing product lines for access control (RSA Access Manager, RSA Authentication Manager, RSA Federated Identity Manager, RSA Adaptive […]

Want to win an iPad and get hardcore data on access recertification? Take the UBC-Forrester Access Recertification survey!

Andras Cser May 23, 2013
Want to know more about Access Certification and Attestation? Would you like to win an iPad and get a courtesy copy of a Forrester report on the findings of a survey on the topic? Forrester is collaborating with the University of British Columbia (UBC) on an Identity and Access Management survey. The main topic […]

XACML is dead

Andras Cser May 7, 2013
Conversations with vendors and IT end users at Forrester's Security lead us to predict that XACML (the lingua franca for centralized entitlement management and authorization policy evaluation and enforcement) is largely dead or will be transformed into access control (see Quest APS, a legacy entitlement management platform based on BiTKOO, which will probably be morphed […]

Adding social network, geolocation, IAM logs, text analytics and link analytics Big Data to the arsenal of Fraud Management

Andras Cser May 1, 2013
A common theme during this week's SAS and FICO user conferences was how to use Big Data to make fraud decisions faster, more accurately and without impacting the customers in any negative way. Big Data is basically about 3Vs: Volume, Velocity and Variety of data to gain veracity and value in fraud management. Volume and […]

Why the Samsung Galaxy S4 is important to watch for Fraud Management professionals?

Andras Cser April 25, 2013
Well, we just saw Samsung launch its latest ubergizmo with tons of interesting features, like pause video playback at the blink of the eye. However, there is an important hardware feature of the Samsung Galaxy S4 to note here: finally a Near Field Communications (NFC) chip is embedded in the device (something that Apple left […]

Mobile application behavior detection: the cheap way to catch fraud

Andras Cser April 22, 2013
After RSA's acquisition of SilverTail, things are heating up in mobile application level behavioral detection. We see fraud management vendors increasingly looking at mobile application behaviors (beyond web fraud management and device fingerprinting) to build out a normal and abnormal behavior profile for the network traffic signatures coming out of the application (similarly to how […]

Want to know hardcore survey results on Access Certification and Attestation?

Andras Cser April 10, 2013
Want to know more about Access Certification and Attestation? Would you like to win an iPad and get a courtesy copy of a Forrester report on the findings of a survey on the topic? Forrester is collaborating with the University of British Columbia (UBC) on an Identity and Access Management survey. The main […]

Forrester’s Enterprise Fraud Management Wave is Out!

Andras Cser February 13, 2013
We just published the Forrester Wave on Enterprise Fraud Management – a piece of research that has been consistently asked for by our clients. See how vendors stack up on current offering criteria, including statistical models, rules authoring, case management, and reporting, and on strategy criteria, including vendor staffing, customer satisfaction, and financial stability.

Big Data for Fraud Management

Andras Cser February 6, 2013
We will be conducting research to look into how big data can be used for better fraud management. We define big data as data of Volume, Velocity and Variety. Our premise is that more, and more granular, data from more sources allows banks, insurers, government agencies, and e-Retailers to cut fraud losses more aggressively. We are interested […]

How Will The Extended Enterprise And Zero Trust Identities Impact Your Identity Administration Processes?

Andras Cser May 31, 2012
We regularly get inquiries from companies that feel the need to restructure their access controls to support extended enterprise user populations: firms have to support employees, contractors, business partners, customers and keep them contained to be able to access resources (applications, data, etc.) that they have a business need to access. Technology and protocols are […]

Active Directory Moving To The Cloud?

Andras Cser May 2, 2012
We hear a lot about cloud IAM vendors offering metadirectories or user repositories in the cloud. We predict that in 1-2 years we'll see AD being moved from on-premises installations into cloud-based services. This has the benefit of simpler provisioning, higher availability, and much, much easier support for federation both into SaaS applications and with […]

Security Intelligence: Should We Send A Guy With A Gun Or A Wrench?

Andras Cser April 4, 2012
We are kicking off research on security and identity intelligence, which is about understanding risk and detecting abnormal behavior. One thing is clear: companies don't even *know* what kind of security (SIM, data, identity, email, etc.) information they should be inspecting to detect security threats and where they should start eating the giant elephant of […]

Blending Cloud IAM Delivery Flavors: Convergence Of In-House And IAM Suite Offerings

Andras Cser March 14, 2012
Today we see two basic flavors of cloud IAM. One archetype is the model offered by Covisint, VMware Horizon, Symplified, Okta, OneLogin, etc.: these vendors provide relatively tight integration, but less capable identity services based on their respective firm's own intellectual property. Because of the above, these offerings clearly have a short implementation time. The […]

Xmas IAM Spending Spree: Quest Software Acquires BiTKOO, Enters IAM Suite Provider Market

Andras Cser December 19, 2011
With only 4 stack players in Identity and Access Management, it is always welcome news to see a new company joining the space. Quest Software is on a shopping spree: it acquired e-DMZ (privileged identity management), Völcker Informatik AG (provisioning), Symlabs (virtual directories), and now BiTKOO (XACML entitlement management). Forrester expects that in reaction to […]

RSA Breach: Two-Factor Authentication Is Not Dead But Is Morphing And Getting More Granular

Andras Cser June 8, 2011
Many IT end-user companies deployed hard tokens at a time when intermediate-risk choices were thinner on the ground, and some of these companies would have benefited from a more granular approach anyway. In general, we are seeing companies moving towards risk-based authentication augmented by mobile soft tokens (sometimes called from a mobile application through an […]

Losing Patience And Token Information

Andras Cser March 22, 2011
As we speak to companies worldwide, many express their frustration with the cost and complexity of physical tokens. Our staple response is: "Oh yes, these solutions are hard to integrate and operate, but they provide the extra level of security required in an enterprise environment." However, today’s RSA SecurID breach goes against our typical advice and demonstrates […]

Watson Beats Jeopardy Champions: How Can You Capitalize On This In Risk And Fraud Management?

Andras Cser February 17, 2011
IBM's Watson (natural language processing, deduction, AI, inference and statistical modeling all served by a massively parallel POWER7 array of computers with a total of 2880 processors with 15TB RAM) beat the greatest Jeopardy players in three rounds over the past 3 days — and the matches weren't even close. Watson has shocked us, and now […]

Quest Acquires e-DMZ: Get Ready For Consolidation In The PIM Space

Andras Cser February 15, 2011
Quest is making aggressive moves to extend into the heterogeneous, non-Microsoft-centric land of identity and access management. After acquiring Voelcker Informatik for provisioning, Quest just announced the acquisition of e-DMZ, an enterprise-class, high-performance PIM appliance vendor. Novell (now Attachmate) acquired host access control specialist Fortefi, Oracle bought Passlogix (vGO-SAM), CA extended Access Control, and IBM […]

How Do You Support Splinternet Security On Mobile Devices?

Andras Cser February 8, 2011
Mobile authentication is nothing new. SiteMinder, a prominent web access management tool, has been able to handle mobile browsers and sessions for at least 7-8 years. Some users complained of WAP and its limitations, but most could access information and log in to websites with minimal issues. WAP is gone and it is now replaced […]