Tag: Access

Data Manipulation: A More Troubling Problem than Data Theft

Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

Why the IoT Needs IAM, Part 2: The Complexity of Controlling Access

DDOS
In a previous post Why the IoT Needs IAM, Part 1: Rise of the Botnets, we discussed the growth of the Internet of Things (IoT) and the enormous attack surface created by billions of Internet-connected devices. Many of these devices have been recruited into botnet armies that are used to launch distributed denial of service (DDoS) attacks. Others are...

Automation Helps Meet Regulatory Requirements for Privileged Accounts

Automation
Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...

Why the IoT Needs IAM, Part 1: Rise of the Botnets

DIT
In the Internet of Things (IoT), billions of connected objects quietly collect and transmit data and perform a wide range of functions, generally without human intervention. Imagine vending machines that tell you when they need to be replenished, vehicles that schedule their own maintenance, and “smart home” products that let you lock your doors, control your thermostat, and peek...

Why Does Identity and Access Management / Governance Matter?

IAM
The risks associated with insider-threat theft and data breaches are well known. At the very least we ought to be aware of who is currently able to access our information resources and operational controls. We need to understand the risks to the enterprise if information or access falls into the wrong hands, or is corrupted in some way. Whatever...

How Do We Gain Total Access Visibility Across the Enterprise?

Previously, we asked this question: Who has access to what, why, and who approved it? Our answer was to establish an integrated enterprise identity and access management (IAM) platform. The basic IAM components are fairly straightforward. Establishing the platform starts with maintaining a list of the identities that will need access to resources (systems, services, applications, information, and controls)...

Why IAM Is Often Put on the Back Burner and Why It Shouldn’t Be

So, you’ve just been breached. Now what? Many questions come to mind. Is the breach contained? Who was behind it? Were they internal or external? How did they get in? What did they get? Depending on your organization’s level of sophistication in response to such incidents, a number of processes, controls, and workflows will be initiated and checked. Some...

Who Has Access to What, Why, and Who Approved It?

Identity management (IdM) is an essential discipline in today’s increasingly complex information and operational technology environments. Organizations must efficiently provide secure and compliant access to large numbers of users across more systems and applications than ever – and at the same time be able to state accurately who has access to which systems and who granted that access. Additionally,...

Using KPIs to Redefine IAM Success, Part 1

“The global identity and access management market is expected to swell to $24.55 billion by 2022, according to a new report from Grand View Research, Inc.” – Grandview Research, “Identity And Access Management Market Analysis By Deployment, By End-Use and Segment Forecasts To 2022″ ~ Organizations are prioritizing investments in identity and access management (IAM). In a recent survey...