Blog

Why the Internet of Things Needs Enterprise Asset Management

Asset management
The Internet of Things (IoT) makes it possible to turn virtually any object into a source of data. Machines can communicate and share data with each other without the need for human intervention and deliver a wide range of information to data centers for processing. Organizations can be alerted when equipment malfunctions or routine maintenance must be scheduled. Real-time...

Keystroke Cops: Authentication by Typing Patterns

Keystroke
In the early days of World War II, Army Signal Corps officers made a startling discovery about intercepted Nazi telegraph transmissions. Though they weren’t able to understand the messages, which were in an encrypted version of Morse code, they were able to determine that the “dots” and “dashes” came in highly distinctive speeds and rhythms. Using a methodology that...

The Opportunities and Challenges of Enterprise Asset Management

EAM
Emerging technologies and competitive pressures are driving increased interest in enterprise asset management (EAM). With the right strategy and an experienced partner, organizations can capitalize on the opportunities of EAM while minimizing its challenges. According to multiple industry reports, the market for EAM systems is experiencing steady growth. Scalar Market Research pegged the market at $3.89 billion in 2016...

How Do We Optimize Access Control Performance?

Identity
In a perfect world, the lifecycle of any identity is readily tracked and managed. The policies that determine basic access are derived from the relevant characteristics of the identity – role, function, business unit, project team, location, certifications, etc. Additional access rights may require a resource owner’s permission. All of these inputs and controls are effectively managed in a...

New York’s New Security Rules Emphasize Identity and Access Management

NY Security
In September 2016, New York Governor Andrew Cuomo announced new regulations that established minimum security requirements for the protection of sensitive data in the financial services sector. The first state-mandated regulations of their kind in the nation, the new rules cover banks, insurance companies, and other financial services firms licensed by the New York Department of Financial Services (DFS),...

Data Manipulation: A More Troubling Problem than Data Theft

PAS
Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

Why the IoT Needs IAM, Part 2: The Complexity of Controlling Access

DDOS
In a previous post Why the IoT Needs IAM, Part 1: Rise of the Botnets, we discussed the growth of the Internet of Things (IoT) and the enormous attack surface created by billions of Internet-connected devices. Many of these devices have been recruited into botnet armies that are used to launch distributed denial of service (DDoS) attacks. Others are...

Automation Helps Meet Regulatory Requirements for Privileged Accounts

Automation
Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...

The Role of User Behavior Analytics in Threat Detection

Computer
Rather than simply stealing data, malicious actors are changing it to disrupt processes and cast doubt on information integrity. The threat extends to identity data and user credentials, which could be manipulated to gain physical access to secure facilities or logical access to sensitive data. In light of this threat, organizations are advised to rethink their identity and access...