Category: News

How Do We Gain Total Access Visibility Across the Enterprise?

Previously, we asked this question: Who has access to what, why, and who approved it? Our answer was to establish an integrated enterprise identity and access management (IAM) platform. The basic IAM components are fairly straightforward. Establishing the platform starts with maintaining a list of the identities that will need access to resources (systems, services, applications, information, and controls)...

Why Identity Governance Must Be a Top Priority as EU Privacy Deadline Looms

Any organization that controls or processes data on consumers in the European Union (EU) will soon be required to comply with the General Data Protection Regulation (GDPR). The new law, which goes into effect May 25, 2018, is expected to have a sweeping impact on the data protection and privacy practices of companies worldwide. Those organizations that aren’t fully...

Using KPIs to Redefine IAM Success, Part 2

In part 1 of our series on Using KPIs to Redefine IAM Success, we began talking about why identity management projects fail — or at least why they are perceived to have failed. In most instances, organizations adopt identity management solutions to reduce the risk of unauthorized access to systems and data. However, criteria such as operational complexity and...

Why IAM Is Often Put on the Back Burner and Why It Shouldn’t Be

So, you’ve just been breached. Now what? Many questions come to mind. Is the breach contained? Who was behind it? Were they internal or external? How did they get in? What did they get? Depending on your organization’s level of sophistication in response to such incidents, a number of processes, controls, and workflows will be initiated and checked. Some...

Who Has Access to What, Why, and Who Approved It?

Identity management (IdM) is an essential discipline in today’s increasingly complex information and operational technology environments. Organizations must efficiently provide secure and compliant access to large numbers of users across more systems and applications than ever – and at the same time be able to state accurately who has access to which systems and who granted that access. Additionally,...

Are You Really Protecting Your Endpoints?

Terence Jackson
According to Gartner, “Endpoint hardening, including vulnerability, patch, privilege and policy management and application control, is currently the most effective form of malware defense; however, most organizations are unwilling or unable to invest in the upfront effort required to reduce the attack surface.” The 2015 Verizon Data Breach Investigations Report stated that “95 percent of successful cyberattacks start with...

How to Breeze Through a Maximo Upgrade with No Downtime

In late 2014, IBM released version 7.6 of its Maximo product, with new features designed to increase efficiency and reliability. Maximo 7.6 has a new user interface with a customizable dashboard that displays the most relevant information at a glance. Under the hood are many improvements in functionality and reporting that enhance the value of this enterprise asset management...

Using KPIs to Redefine IAM Success, Part 1

“The global identity and access management market is expected to swell to $24.55 billion by 2022, according to a new report from Grand View Research, Inc.” – Grandview Research, “Identity And Access Management Market Analysis By Deployment, By End-Use and Segment Forecasts To 2022″ ~ Organizations are prioritizing investments in identity and access management (IAM). In a recent survey...

The Role of Context in ICS Security Risk Assessment

In our last post Understanding the Security Risks of Industrial Control Systems we discussed the growing security threat to the Industrial Control Systems (ICS) used to support critical infrastructure and drive processes in a number of industry sectors. Increasingly, ICS components and systems are connected via the public Internet rather than private networks. Many of these components have weak...

Understanding the Security Risks of Industrial Control Systems

An Industry Control System (ICS) component is a device, such as a digital controller, that accepts input, performs a specific function and provides output. For example, a digital controller in an HVAC unit might monitor ambient air temperature and tell the system to turn on or off based upon its settings. The definition of such a controller can be...