The Screwtape CISO: Memo #1 (silos, stovepipes and point solutions)
Perhaps you’ve heard of the Winchester house in Santa Clara, California – the mansion on which construction never ceased. Allegedly this never-ending project would appease the spiritsof those who were...
View Article“Poor Man’s IAM”
This week kicked off a multi-city seminar series – sponsored by Oracle – on the advantages of the “platform” vs. “point solution” approach in the area of Identity and Access Management (IAM). During my...
View ArticleThe Devil’s Dictionary for IT and IT Security: Two-Factor Authentication
Access Denied. (But I typed in the credentials right). Access Denied. (You’ve got to be kidding me. One more time.). Access Denied. (That’s it…this computer is going out the window). Your two-factor...
View ArticleStat of the Week: Rise of the User in IAM
Identity and Access Management (IAM). When many people think of IAM, it conjures up images such as IT revoking access privileges from users the moment they leave an organization. But the Best-in-Class...
View ArticleIAM Investing for Success — Are You?
In its research report, IAM Beyond Control, Compliance, and Cost: The Rise of the User, Aberdeen Group described how the strategic focus for enterprise identity and access management (IAM) systems has...
View ArticleIAM Focused On Users, and Getting Results
In the blog IAM Investing for Success — Are You?, Aberdeen Group described insights from its Q4 2015 study on Identity and Access Management (IAM), which examined the use, experiences, and intentions...
View ArticleHow to Ensure Proper SSH User Key Management
Secure Shell (SSH) key management is a critical security issue. After all, SSH keys act as a password of sorts to grant entry into an organization’s operating system. As organizations tackle the...
View ArticleTaking Control of Your Privileged Access Management
Privileged access management (PAM) has, by and large, always been a difficult topic for the enterprise. Now that cloud and IT services are being outsourced more often, PAM challenges are taking center...
View ArticleThe Security and Compliance Implications of SSH User Keys
Consider this true story: An auditor asked a developer how he gained access to his development environment to perform his daily tasks. The developer explained that the process involved going through a...
View Article