Category: News

OAuth Is Convenient, But Is It Secure?

Clango
Earlier this year, a phishing attack targeting Google Docs abused OAuth to give hackers full access to victims’ Gmail accounts and contacts. Google blocked the attack within about an hour, but it might have affected as many as a million Gmail users. Here’s how it worked. The attackers got access to Google’s OAuth APIs by posing as legitimate third-party...

Federated Identity Management: More than Single Sign-On

Clango
In a previous post, we discussed how lax password management is putting organizations at risk. A recent Ovum study found that most organizations rely on employee education and self-monitoring to ensure the use of strong passwords. Few organizations have automated tools for password management, creating a burden on employees and help desk personnel. Identity and access management (IAM) technology...

Identity Management Becoming Key to Mobile Security

Clango
Workers today spend more than a third of their time away from their desks, leveraging a mix of mobile devices and applications to access and share information and collaborate with others. While mobile devices give us unprecedented connectivity options, they also create significant security challenges. In a survey of 4,500 business users, the research firm Ovum found that 70...

How to Boost Security by Gaining Greater Control over Passwords

Clango
Most organizations recognize the dangers posed by weak passwords and have implemented policies requiring users to follow password best practices. Enforcing those policies can be a challenge, however. Faced with a mind-boggling number of passwords to remember, users tend to use the same credentials for most or all applications, or simplify passwords to the point that they’re easy to...

Why Incident Response Needs Identity Management

Identity
In our last post, we discussed the importance of incident response in minimizing the cost of a data breach. Costs rise the longer it takes to identify a security event and mitigate the damage. An incident response plan creates a detailed process that speeds detection and resolution. Identification of an incident is not as straightforward as you might think....

How an Incident Response Plan Helps Reduce the Cost of a Security Breach

Incident Response
Data breaches are enormously expensive. According to data from the Ponemon Institute’s 2017 Cost of Data Breach Study, organizations paid $3.62 million on average to recover from security incidents in which sensitive data was compromised. That represents a 10 percent decline from the 2016 results — the first overall decrease in the history of the global study. Nevertheless, organizations...

The Most Common Cybersecurity Threats Impacting Organizations Today

Cybersecurity
Organizations face an increasing number of cybersecurity threats, taxing the ability of IT teams to protect their systems and networks. An understanding of the most common threats and sources of compromise enables them to focus their efforts and increase the odds of preventing a security breach. To that end, the SANS Institute conducted a survey of more than 250...

Why Identity Management Is Critical in Mergers and Acquisitions

IAM Mergers
Mergers and acquisitions are all about finding synergies that increase efficiency and shareholder value. However, M&A deals are inherently risky, requiring careful examination of a target company’s assets, liabilities, and vulnerabilities. Generally, the focus is on financials, but cybersecurity is playing an increasingly important role. EY recently released the 16th edition of its Global Capital Confidence Barometer, with data...

Employees’ Access Credentials Linger Long after They Leave

Employee Access
Identity and access management (IAM) has become the front line of security. To reduce the risk of data leaks and security incidents, organizations must ensure that only the right individuals have the right level of access to the right resources. IAM plays a particularly critical role in preventing the insider threats that pose the greatest security risk. One of...

Senior Oracle Identity Engineer

No image
Apply Now!Send your resume and cover letter to careers@clango.com today! ____________________________________________ Clango, Inc. is seeking an Senior Oracle Identity Engineer to participate in and help manage a multifaceted Cybersecurity team. Duties will consist of scoping and leading projects for the installation, configuration, upgrade, and patching of Oracle identity and Access Management products, including OUD/OVD, OIM, and OAM, as well...