Tag: Access

Research Digs into Privileged Access Management Capabilities and Challenges

Traditionally, workers relied on IT teams to provide privileged access to the resources needed to perform tasks. Today, workers demand unprecedented rights to perform tasks on servers, applications, data, and other IT resources. While privileged access can increase user freedom and productivity and reduce administrative efforts and costs, security requirements are rarely a consideration. The key is to determine...

Effective Privileged Account Management Requires Identity Governance

Privileged ID Governance
The typical enterprise has an ever-increasing number of privileged accounts to manage across on-premises and cloud environments. These privileged accounts extend outside the organization to contractors, business partners, and other third parties. Holders of privileged credentials access systems and data from a wide range of devices and diverse locations. Many systems and applications also use privileged credentials to access...

Employees’ Access Credentials Linger Long after They Leave

Employee Access
Identity and access management (IAM) has become the front line of security. To reduce the risk of data leaks and security incidents, organizations must ensure that only the right individuals have the right level of access to the right resources. IAM plays a particularly critical role in preventing the insider threats that pose the greatest security risk. One of...

GDPR Compliance Will Impact Physical Access Controls

GDPR
The European Union (EU) General Data Protection Regulation (GDPR) places strict new security and privacy requirements on any data related to persons living in the EU. In documenting and managing such data, organizations should not overlook physical access control systems. As we noted in a previous post, physical security typically falls under the purview of a Chief Security Officer...

Enabling Identity Management for Microservices and Cloud-Native Apps

Clango
Cloud access security brokers (CASBs) enable organizations to extend their internal security policies to cloud-based applications and services. A CASB serves as a sort of gatekeeper, sitting between an organization’s onsite infrastructure and the cloud. It can be deployed as an on-premises software tool or a cloud-based service, and may use proxies or APIs to monitor traffic and enforce...

NIST Offers New Guidelines on Identity Management

NIST
The National Institute of Standards and Technology (NIST) is updating its Cybersecurity Framework, as we reported in a previous post. Designed to provide a “prioritized, flexible, repeatable, performance-based and cost-effective approach” to managing cybersecurity, the framework has seen broad adoption by organizations worldwide. NIST issued a draft of version 2.0 in January 2017, incorporating feedback received since the original...

UMA Meets Privacy Requirements by Giving Customers Control Over Their Data

UMA
In our last post we discussed the growing need for customer identity and access management (CIAM) solutions. Like identity and access management (IAM), CIAM has to do with the registration and authentication of users so they can gain secure access to online resources. However, CIAM is also about the aggregation and synchronization of customer data across sales, marketing, and...

How CIAM Creates a 360-Degree View of the Customer

Healthcare IAM
Each of us has multiple identities — personal, consumer, business-related, etc. To his family, a man might simply be “Sam,” but to his employer, Sam is a complex array of user IDs, passwords, and access privileges. Identity and access management (IAM) provides a disciplined approach for the creation, maintenance, and use of those digital identities. It integrates business processes...

Federated Identity Management Extends Control Across Hybrid Environments

ID Management
The continued adoption of Software-as-a-Service (SaaS) solutions and other cloud-based services has blurred the concept of the network perimeter. At the same time, organizations have become increasingly dependent on partners who span supply chains, brokers, and other networks. These distributed computing models have created new challenges for identity and access management (IAM) solutions, which provide a framework for managing...

The Proper Role of Identity Management in Regulatory Compliance

IAM
According to Gartner’s “Survey Analysis: Trends in End-User Security Spending, 2017,” organizations are increasing their cybersecurity budgets due to fears of data breaches and related business risks. Regulatory compliance is also a top concern that’s driving security spending. Organizations face significant financial penalties if they fail to meet increasingly strict regulatory requirements for data security and privacy. The 2016...