Tag: management

Research Digs into Privileged Access Management Capabilities and Challenges

Traditionally, workers relied on IT teams to provide privileged access to the resources needed to perform tasks. Today, workers demand unprecedented rights to perform tasks on servers, applications, data, and other IT resources. While privileged access can increase user freedom and productivity and reduce administrative efforts and costs, security requirements are rarely a consideration. The key is to determine...

Why Identity Governance Is Ripe for a “Shift Left” Approach

As organizations seek to bolster security and improve the user experience, the “Shift Left” movement is gaining steam. The term actually has a number of definitions, depending on context. In software development, where it originated, Shift Left refers to an approach in which testing is done earlier in the process — that is, it is shifted left on the...

Effective Privileged Account Management Requires Identity Governance

Privileged ID Governance
The typical enterprise has an ever-increasing number of privileged accounts to manage across on-premises and cloud environments. These privileged accounts extend outside the organization to contractors, business partners, and other third parties. Holders of privileged credentials access systems and data from a wide range of devices and diverse locations. Many systems and applications also use privileged credentials to access...

Is Blockchain the Answer to Identity Management?

Clango
The ideal in identity management is to have a single source of truth — one repository that holds a unique ID for each user and allows users to access all the resources they’re entitled to. Very few (if any) organizations have achieved this ideal. In most cases, users maintain multiple sets of credentials to log into various systems. Single...

Privileged Account Management Is Critical in the Cloud

Cloud Security
The move to the cloud began in earnest in 2007, as organizations looked for ways to cut capital expenses during the Great Recession. Fast-forward a decade, and the cloud is more popular than ever. According to a recent survey by LogicMonitor, 68 percent of workloads are running in public, private, or hybrid clouds, and that number will increase to...

How to Minimize the Risk of Local Admin Rights and Privileged Account Attacks

EPM
In our last post, we discussed the risks of granting administrator rights to end users at the workstation level. Local admin rights enable users — or hackers — to do whatever they want with a machine. An attacker who is able to obtain local admin credentials can launch a “pass-the-hash” attack, leveraging well-known Windows vulnerabilities to obtain higher-level privileged...

What Is Privileged Session Management and Why Is It Important?

PSM
The critical first step in privileged account management (PAM) is to identify, consolidate, and lock down privileged credentials so only authorized users have access to them. However, this is only the first step. To be effective, PAM should include privileged session management as well as credential protection. Privileged session management is a security control involving the monitoring and recording...

The Benefits and Potential Pitfalls of IT Self-Service

Clango
Organizations are increasing their use of self-service tools to streamline help desk operations. Most IT self-service tools focus on the automation of manual processes related to password resets and other common identity management tasks. Given that approximately 80 percent of all help desk calls are related to password resets, self-service reduces the strain on the help desk and the...

Why EAM and ERP Should Work Hand in Hand

Clango
For many years, a debate has raged regarding the relative merits of enterprise resource planning (ERP) and enterprise asset management (EAM) systems. Typically, this debate pits an organization’s finance department against its operational teams, with IT stuck somewhere in the middle. Finance might argue that ERP is critical to the business, and ERP modules can provide some EAM functions;...

Federated Identity Management: More than Single Sign-On

Clango
In a previous post, we discussed how lax password management is putting organizations at risk. A recent Ovum study found that most organizations rely on employee education and self-monitoring to ensure the use of strong passwords. Few organizations have automated tools for password management, creating a burden on employees and help desk personnel. Identity and access management (IAM) technology...