For many years, a debate has raged regarding the relative merits of enterprise resource planning (ERP) and enterprise asset management (EAM) systems. Typically, this debate pits an organization’s finance department against its operational teams, with IT stuck somewhere in the middle. Finance might argue that ERP is critical to the business, and ERP modules can provide some EAM functions;...

Earlier this year, a phishing attack targeting Google Docs abused OAuth to give hackers full access to victims’ Gmail accounts and contacts. Google blocked the attack within about an hour, but it might have affected as many as a million Gmail users. Here’s how it worked. The attackers got access to Google’s OAuth APIs by posing as legitimate third-party...

In a previous post, we discussed how lax password management is putting organizations at risk. A recent Ovum study found that most organizations rely on employee education and self-monitoring to ensure the use of strong passwords. Few organizations have automated tools for password management, creating a burden on employees and help desk personnel. Identity and access management (IAM) technology...