Tag: Cybersecurity

The Critical Importance of Managing Business Partner Security Risks

Partner Security
It is well known that the 2013 Target data breach was the result of a compromised third-party vendor. Attackers sent a phishing email to a refrigeration company that did business with Target and had access to some of Target’s computer systems. At least one user fell for the phishing email, causing malware to be installed on the company’s systems....

Mature Identity Management Processes Equate to Reduced Security Risk

Clango
Identity and access management (IAM) is often approached tactically, as a means of giving users access to resources while minimizing IT operational overhead. The threat mitigation and risk management aspects of IAM are not prioritized, leaving gaps in the organization’s security strategy. Cybersecurity spending, which IDC says will reach $81.7 billion this year, remains heavily weighted toward network security...

The Benefits and Potential Pitfalls of IT Self-Service

Clango
Organizations are increasing their use of self-service tools to streamline help desk operations. Most IT self-service tools focus on the automation of manual processes related to password resets and other common identity management tasks. Given that approximately 80 percent of all help desk calls are related to password resets, self-service reduces the strain on the help desk and the...

Why EAM and ERP Should Work Hand in Hand

Clango
For many years, a debate has raged regarding the relative merits of enterprise resource planning (ERP) and enterprise asset management (EAM) systems. Typically, this debate pits an organization’s finance department against its operational teams, with IT stuck somewhere in the middle. Finance might argue that ERP is critical to the business, and ERP modules can provide some EAM functions;...

OAuth Is Convenient, But Is It Secure?

Clango
Earlier this year, a phishing attack targeting Google Docs abused OAuth to give hackers full access to victims’ Gmail accounts and contacts. Google blocked the attack within about an hour, but it might have affected as many as a million Gmail users. Here’s how it worked. The attackers got access to Google’s OAuth APIs by posing as legitimate third-party...

Federated Identity Management: More than Single Sign-On

Clango
In a previous post, we discussed how lax password management is putting organizations at risk. A recent Ovum study found that most organizations rely on employee education and self-monitoring to ensure the use of strong passwords. Few organizations have automated tools for password management, creating a burden on employees and help desk personnel. Identity and access management (IAM) technology...

Identity Management Becoming Key to Mobile Security

Clango
Workers today spend more than a third of their time away from their desks, leveraging a mix of mobile devices and applications to access and share information and collaborate with others. While mobile devices give us unprecedented connectivity options, they also create significant security challenges. In a survey of 4,500 business users, the research firm Ovum found that 70...

How to Boost Security by Gaining Greater Control over Passwords

Clango
Most organizations recognize the dangers posed by weak passwords and have implemented policies requiring users to follow password best practices. Enforcing those policies can be a challenge, however. Faced with a mind-boggling number of passwords to remember, users tend to use the same credentials for most or all applications, or simplify passwords to the point that they’re easy to...

Why Incident Response Needs Identity Management

Identity
In our last post, we discussed the importance of incident response in minimizing the cost of a data breach. Costs rise the longer it takes to identify a security event and mitigate the damage. An incident response plan creates a detailed process that speeds detection and resolution. Identification of an incident is not as straightforward as you might think....

How an Incident Response Plan Helps Reduce the Cost of a Security Breach

Incident Response
Data breaches are enormously expensive. According to data from the Ponemon Institute’s 2017 Cost of Data Breach Study, organizations paid $3.62 million on average to recover from security incidents in which sensitive data was compromised. That represents a 10 percent decline from the 2016 results — the first overall decrease in the history of the global study. Nevertheless, organizations...