Identity's gravitational pull
Sometimes the best way to illustrate the usefulenss of the identity industry map is to watch the bits of news that roll in every day:
Dave Kearns (of NetworkWorld) highlights ConSentry's identity-based Network Access Control
Authernative raises 2.5mm in Series A round
Symantec's CEO says that Security does not accurately describe their business - they're in "the protection business."
Taken separately, these pieces of news look quite unrelated. But when placed in the identity industry map, a different picture begins to emerge:
Virsa is a real-time compliance and auditing company -- one that falls squarely in the "analyze" category of the industry map. Their technology is in the same space as Prodigen, Sun's identity auditor, and EpicTide, and *all* of these companies are about using identity to provide real-time compliance with various pieces of government legislation (or industry guidelines). SAP's acquisition of this company begins to shed some light on SAP's foray into the identity space. Taken as part of a larger picture that includes SAP's investment in Ping Identity, their partnership with Siemens, and now their purchase of Virsa, and we can begin to see SAP filling out their portfolio for identity.
ConSentry is really interesting in the context of the identity map. Their network access control (NAC) products compete with the likes of Cisco, Juniper, etc, yet they have made the critical jump of realizing that in the world of the "semi-permeable perimeter" (Jim Allchin), access control can only be based on identity. Does this mean that Cisco and Juniper will soon be joining (if they haven't already) ConSentry in the control section of the identity map? You betcha. And don't forget the smaller competitors in the same space - folks like AEP and Identity Engines.
Authernative is but one example of what I term the "expanision" of the identity space. Amidst the wave of acquisitions that occurred last year, the often missed story was just how many other companies were either A) being funded as identity companies or B) converting their products to identity products. The net result has been that the identity space has actually grown amidst a wave of consolidation - i.e., we ain't seen nothing yet when it comes to dollars to be spent on digital identity.
Lastly, the statements from Symantec's CEO are particularly interesting -- if only because Symantec *almost* realizes they're in the identity business. They've finally decided their not in the security business, something of great importance because, as James Gosling once noted, "security" is like "love" - everybody wants it, but no one can actually tell you precisely what it is. Now we find out that Symantec is in the "protection" business. And what are they protecting (drumroll please)? Data. Ugh. So close. Symantec is on the verge of realizing that their business comes in protecting the attributes and data associate with identities. Whether its a phishing attack, or a major data leak at a credit card company, protection is actually about protecting identities. An acquisition, a conversion, expansion of the space, and a company moving toward identity -- all of these point to the giant gravitational pull that identity (or lack thereof) is exerting over technology and, more importantly, the Network as a whole. The reasons are something for another day...