The Internet of Things (IoT) makes it possible to turn virtually any object into a source of data. Machines can communicate and share data with each other without the need for human intervention and deliver a wide range of information to data centers for processing. Organizations can be alerted when equipment malfunctions or routine maintenance must be scheduled. Real-time...

In the early days of World War II, Army Signal Corps officers made a startling discovery about intercepted Nazi telegraph transmissions. Though they weren’t able to understand the messages, which were in an encrypted version of Morse code, they were able to determine that the “dots” and “dashes” came in highly distinctive speeds and rhythms. Using a methodology that...

Emerging technologies and competitive pressures are driving increased interest in enterprise asset management (EAM). With the right strategy and an experienced partner, organizations can capitalize on the opportunities of EAM while minimizing its challenges. According to multiple industry reports, the market for EAM systems is experiencing steady growth. Scalar Market Research pegged the market at $3.89 billion in 2016...

In a perfect world, the lifecycle of any identity is readily tracked and managed. The policies that determine basic access are derived from the relevant characteristics of the identity – role, function, business unit, project team, location, certifications, etc. Additional access rights may require a resource owner’s permission. All of these inputs and controls are effectively managed in a...

In September 2016, New York Governor Andrew Cuomo announced new regulations that established minimum security requirements for the protection of sensitive data in the financial services sector. The first state-mandated regulations of their kind in the nation, the new rules cover banks, insurance companies, and other financial services firms licensed by the New York Department of Financial Services (DFS),...

Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

In a previous post Why the IoT Needs IAM, Part 1: Rise of the Botnets, we discussed the growth of the Internet of Things (IoT) and the enormous attack surface created by billions of Internet-connected devices. Many of these devices have been recruited into botnet armies that are used to launch distributed denial of service (DDoS) attacks. Others are...

Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...

In my last two articles, I discussed various aspects of privileged account and endpoint security, with a focus on implementing a new solution. But what if you already have one of these solutions in place? Are you aware of all its features? Have you deployed it for the correct use cases? Are there integrations with other systems you already...

Rather than simply stealing data, malicious actors are changing it to disrupt processes and cast doubt on information integrity. The threat extends to identity data and user credentials, which could be manipulated to gain physical access to secure facilities or logical access to sensitive data. In light of this threat, organizations are advised to rethink their identity and access...