Access "Managing identities in hybrid worlds"
This article is part of the April 2013 / Volume 15 / No. 3 issue of Managing identities in hybrid worlds
You would think that managing identities and access rights in an organization would be settled, solved and routine by now. But the ebb and flow of disruptive technologies such as cloud-based systems, mobile apps and bring-your-own-devices (BYOD) have made it as elusive as ever. Identity and access management, or IAM, is the business and technology concerned with effective management of all users’ access to an organization’s assets and facilities. It is difficult to fund IAM projects because they consume resources without actually adding business functionality. IAM is a part of the organization’s plumbing; you take it for granted until you turn on the hot water and nothing happens. Many organizations do not realize that their IAM is out of control until one of the following occurs: Security incident caused by an insider with excessive privileges Security incident caused by a former employee who still has access rights An external auditor or regulator discovers lapses in IAM processes resulting in too many people having access to too many roles and systems ... Access >>>
Premium Content for Free.
Managing identities in hybrid worlds
by Peter H. Gregory
Are you losing control of access management as SaaS and mobile devices take hold? To achieve better operational consistency and scale, consider a centralized IAM system.
Address IPv6 security before your time runs out
by Fernando Gont
Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do.
- Managing identities in hybrid worlds by Peter H. Gregory
Botnet takedowns: A dramatic defense
by Kathleen Richards
The infections and cyberattacks that botnets are used to launch remain hard-to-detect malware threats that have moved beyond PCs to mobile devices.
- Botnet takedowns: A dramatic defense by Kathleen Richards
Security transitions: Changes that make a difference
by Robert Richardson
This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go.
CISOs: From no seat to multiple hats
by David J. Sherry
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.
Why information security education isn’t making the grade
by Doug Jacobson and Julie A. Rursch
Security experts explain why a holistic approach to security is critical to training computer engineers and computer scientists for a career in information security.
Cyberwar calls for software and system investment, not hacking back
by Gary McGraw, Contributor
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection.
- Security transitions: Changes that make a difference by Robert Richardson
More Premium Content Accessible For Free
Next-generation authentication technologies emerge to restore balance
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization security dynamics get old, changes ahead
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Insider edition: Layering mobile security for greater control
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...