Category: News

How CIAM Creates a 360-Degree View of the Customer

Healthcare IAM
Each of us has multiple identities — personal, consumer, business-related, etc. To his family, a man might simply be “Sam,” but to his employer, Sam is a complex array of user IDs, passwords, and access privileges. Identity and access management (IAM) provides a disciplined approach for the creation, maintenance, and use of those digital identities. It integrates business processes...

DIT is now Clango

Distributed Information Technologies, Inc. (DIT) is now Clango. We’ve changed our name, but you can still rely on us to help organizations build identity-centric security programs.  From DevOps and Cybersecurity to Application Development and Enterprise Asset Management, Clango delivers.

NIST Cybersecurity Framework Gets an Update

Organizations are facing a “triple threat” when it comes to cybersecurity. Growing numbers of vulnerabilities and increasingly sophisticated attacks have made cybersecurity breaches virtually inevitable. However, many organizations lack the skilled personnel needed to combat these attacks, and open positions for security specialists tend to go unfilled due to the limited number of professionals in the marketplace. As a...

FIDO Alliance Specifications Enable Standards-Based Approach to MFA

In our last post, we discussed how so-called “aftershock” attacks are driving the need for multifactor authentication (MFA). Because most users rely on a handful of slightly varied passwords to access multiple sites and accounts, cybercriminals often use stolen passwords in hacking attempts. MFA adds an extra layer of protection by requiring more than a password for authentication. Traditionally,...

“Aftershock” Attacks Up the Ante for Multifactor Authentication

Aftershocks, in geological terms, often occur in the vicinity of an earthquake; they can happen weeks, months, or even years after the original seismic event. Security experts warn that high-profile data breaches can also produce aftershocks, and multifactor authentication (MFA) is the best defense against these attacks. Aftershock attacks occur when hackers use credentials obtained in previous data breaches...

Federated Identity Management Extends Control Across Hybrid Environments

ID Management
The continued adoption of Software-as-a-Service (SaaS) solutions and other cloud-based services has blurred the concept of the network perimeter. At the same time, organizations have become increasingly dependent on partners who span supply chains, brokers, and other networks. These distributed computing models have created new challenges for identity and access management (IAM) solutions, which provide a framework for managing...

The Proper Role of Identity Management in Regulatory Compliance

According to Gartner’s “Survey Analysis: Trends in End-User Security Spending, 2017,” organizations are increasing their cybersecurity budgets due to fears of data breaches and related business risks. Regulatory compliance is also a top concern that’s driving security spending. Organizations face significant financial penalties if they fail to meet increasingly strict regulatory requirements for data security and privacy. The 2016...

The Cloud Demands a Centralized Approach to Identity and Access Management

Ever-increasing numbers of users, both inside and outside organizations, need convenient access to corporate IT resources that exist both on-premises and in the cloud. The result is a porous network perimeter that relies heavily on user authentication to prevent unauthorized access. However, many organizations are finding that their identity and access management (IAM) platforms are inadequate. Growing security threats...

Why the Internet of Things Needs Enterprise Asset Management

Asset management
The Internet of Things (IoT) makes it possible to turn virtually any object into a source of data. Machines can communicate and share data with each other without the need for human intervention and deliver a wide range of information to data centers for processing. Organizations can be alerted when equipment malfunctions or routine maintenance must be scheduled. Real-time...

Keystroke Cops: Authentication by Typing Patterns

In the early days of World War II, Army Signal Corps officers made a startling discovery about intercepted Nazi telegraph transmissions. Though they weren’t able to understand the messages, which were in an encrypted version of Morse code, they were able to determine that the “dots” and “dashes” came in highly distinctive speeds and rhythms. Using a methodology that...