Wave Systems Corp. (fka WAVXQ)

[boombreaker]

The RSA conference was last week, and several things there stood out
for me. There was a record audience, record exhibitor presence, and a
lot of buzz. RSA is the leading security conference, but security wasn't
the hot topic. Rather, the words that got everyone's attention were
identity and compliance. It was quite entertaining to hear how vendors
tried to work those two words into their presentations, as it became
quite clear the audience was interested in little else (other than maybe
wondering if some new solution for spam or viruses had shown up - not
really.)

This confirmed what I've been seeing for a few months now, the identity
industry is reaching its first inflection point. Interestingly, it seems
that although everyone realizes that compliance is driving this increase
in sales, they aren't quite sure what that means. Is it a short term
bump, or a long term trend? What does it mean for the technology? It
was clear that many of those I talked to in the industry hadn't quite
sorted it out, even though they have the information in front of them
to do so.

What causes these major inflection points - where new technology finally
causes a paradigm shift and a new marketplace emerges? For LANs, it
was the concept of the file and print server that launched first Novell,
and then the ubiquity of local area networking. The Internet was just a
collection of interesting communications technology until the Web
browser and its hyperlink approach to real-time information organization
by the end user launched first Netscape and then the ubiquity of
global networking. There are other examples of true inflection points
in computing, where new technologies changed how everyone looked at
doing things. But what is it that they all have in common (and by
implication, how can you tell when another one is about to happen?)

The underlying theme is the emergence of what I will call "a universal
application" for the new technology that creates a solution to a
problem that nearly everyone has. It was the spreadsheet that sold
the PC, because that capability solved problems for nearly everyone
in business at any level. The file and print server solved problems
of sharing information in nearly every business setting. The web browser
solved problems of information research and organization "on demand"
that exist for nearly everyone.

Two days into the RSA conference, where the attendance was up over 30%,
the desire of the attendees for "answers" was palpable. As usual in
such a setting, vendors all have "an answer" to put forth, but something
wasn't quite lining up between what the audience wanted and how the
messages were put forth. The messages occurred at a level of technical
detail most of the audience no longer has patience for. People who in
the past gloried in hearing the details, now seem to be on some other
plane, and want more packaged "solutions." Explorers, who delight in
the technology itself, are giving way to those with real needs who
just want to know what works.

Slowly, listening to what triggered questions in sessions, talking to
people and vendors on the expo floor, the reason for this attitude
change emerged - they have a universal application now, and they just
want to know how to deal with it. That application goes by the name
of automating compliance, and it is on the verge of creating a significant
paradigm shift in the way we understand networked computing.

At this year's RSA conference you could see most of "security" morphing
into a component of something larger that needs to be integrated into
a compliance solution now or face becoming an ever more isolated set of
point solutions. The talk of strong authentication may seem to be based
in "security," but in reality it is all about creating a foundation for
automating compliance and assuring auditability. Identity management is
emerging in ways it never did before - driven almost exclusively by the
need to automate compliance. "Building trust in the network" surfaces
in discussions, but again it is driven by the need to create methods
that automate compliance. Just the whiff of the word compliance in a
pitch created a marked reaction from the audience. This is what they
wanted to hear about.

When the Web browser first surfaced, it was initially seen as "another
application" of internet technology, one among many. But it wasn't long
before it was clear, *this* was the paradigm shift that made the internet
have a universal application. Only after that occurred did email
consolidate its many forms into the one we know today, dragged along
only after the web browser made it clear that the internet was the
paradigm of the future for networking. Protocol wars that had raged
for years were suddenly resolved in favor of the TCP/IP and related
internet methods, because the Web browser made it clear which station
the train to somewhere interesting was leaving from.

In early 1994, it wasn't clear when or how "the inflection point"
for internet technology would ever occur. By mid 1995 it was quite
clear, and the reason was the emergence of the universal application
of the infrastructure - the web browser. Just as "security" still
needs to chase down viruses and worms, "remote access servers" then
still needed a lot of evolution and development. But the paradigm
shift had happened, and the details of technology were suddenly just
something that just had to get worked out on the way to the real show.
From then on they were judged by how much the helped the web browser
based universal application to deploy.

Last week I got the clear picture that the first universal application
of identity infrastructure has surfaced, and that through automating
compliance a major inflection point is at hand. If I'm right, we'll
know soon, as the Digital ID World conference is only 70 days away.
And when that group of experts and end users convenes, I now suspect
that automating compliance will be animating the conversation and
taking it to a new level.

The identity conversation is about to get interesting to a whole
new (and much larger) audience, because it is now becoming seen as
the path to creating a universally needed application that nothing
else can satisfy. Fortunately, my editorial calendar has the next
issue of the Digital ID World print magazine focusing on compliance.
And the story is taking shape there quite nicely indeed.

Identity finally has its universal application - something every
business will have to implement. And this will dramatically change
identity technology and rapidly grow the identity marketplace over
the next 24 months.

http://conference.digitalidworld.com/2005/16.php