In a past life, I was a “buy side” equity analyst for a Wall Street firm. I followed a number of mergers involving Computer Associates. CA Management made their model clear to investors: buy mature products where customers are locked in, and no (or very little) innovation is required.
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
The decline of site minder
1. It’s a safe choice, because Site Minder is currently the clear leader in terms of market
share. But is Site Minder really all that great?
If you were an enterprise in the early 2000′s, you were smart to deploy Site Minder. In
the late 90′s, the Integrity team’s pioneering work on Site Minder offered an epic
improvement on home-grown SSO authentication wam software approaches. However,
by 2003, the product was not too far from the product used today.
2. In a past life, I was a “buy side” equity analyst for a Wall Street firm. I followed a
number of mergers involving Computer Associates. CA Management made their model
clear to investors: buy mature products where customers are locked in and no (or very
little) innovation is required. Many of these deals contribute revenue long after their
expected expiration date. From that perspective, the Integrity acquisition was brilliant
“strategy” ( for CA…)
However, if you’re a customer of CA Site minder, think back to 2003… There were no
iPhones and Android would have to wait another five years to show up on the market.
There were no cloud servers. Web Services meant SOAP. And the idea that Linux would
replace Solaris in the enterprise seemed wildly over-optimistic.
You’d think that an important enterprise security system would need an equally
dramatic upgrade. Even when Site Minder was owned by Integrity, enhancements were
slow to arrive. If there is a new Site Minder feature you want, or a bug to be fixed, your
only recourse is to wait for a patch. Expect to wait a long time. Maybe this is good —
stability is good, right?
But as everyone knows, it’s hard to stand still in the tech market. Although commercial
companies can get to market more quickly, these days it’s inevitable that open source
software will follow. Usually it is better than the proprietary software. This is especially
true for software that implements open standards, and integrates with open source
products like the Apache HTTPD server. As Site Minder stood relatively still for the last
decade, open source software has risen to the occasion.
3. At this point, its Site Minder that needs to do the catching up, as the model for
authorization is no longer centralized… its federated. It’s not just one “Policy Server”
for a domain that controls security for a website… but websites need to check with
many authorization servers. Here is a hypothetical example: a website for the Army
might need to check policies for the Army, the Dept of Defense, and other autonomous
organizations.
I predict Site Minder’s market share has peaked. Of course, organizations don’t want to
overpay to be locked into proprietary software once there are any other options. The
market for access management has gotten more competitive.
Not only are there other enterprise suites (some of which are mentioned in the
Forrester report linked above), there are also SaaS identity services and open source
alternatives.
More and more organizations are adopting central idp shibboleth authentication and
authorization systems. With greater demand, prices have fallen dramatically. Lower
prices have brought the technology within grasp of exponentially more organizations,
thus increasing the total size of the market. Soon enough, many of Site Minder’s
customers will look at the current market price for the technology, and realize they are
paying far too much. It will be hard for Site Minder to adjust without destroying their
current business model.
Article resource:-http://www.blogster.com/thegluuserver/the-decline-of-siteminder-1