Identity and Access Management - Blog

  • A Bold Statement – Dell Rocks Privileged Account Management

    Okay, I’m really proud of who I work for and what I work on. One of the biggest sources of pride for me at Dell is the privileged account management (PAM) suite that we’ve put together. I’ve been there from the time that we were a tiny struggling start-up (called Vintela) with a cool PAM idea; through years at Quest Software, where we meticulously built a comprehensive PAM portfolio; and now at Dell where we’ve seen the fruits of our labors in a wildly successful identity and access management business, that boasts PAM as one of its crown jewels. Last year, Gartner...
  • The Dangers of Governance in Silos

    It seems that governance is all the rage these days. Every identity and access management vendor (Dell included) is jumping on the governance bandwagon, and rightfully so. The key activities that make up governance are becoming more and more critical to a successful security and compliance program. Those activities are: Provisioning – making sure that the access rights assigned to each individual are appropriate for that individual and follow well-thought-out security policy Attestation/Recertification – enabling the business to accurately and completely certify to the appropriateness...
  • Four Tips to Drive Towards Governance Success

    The whole point of technology is to help people do their jobs better so that the organization can achieve its business objectives – whether that be profits ad revenue, serving constituents, or changing the world. So in an ideal world every person would have unlimited access to everything, they would all be entirely trustworthy and capable, and would only do the right things with the stuff they have access to. But the word is far from perfect … that’s why we have things like authentication, authorization, and identity administration (the key ingredients of identity and access...
  • Stories in the IAM Trenches – the Gartner Security & Risk Summit Edition

    I’m here in National Harbor, Maryland at the Gartner Security and Risk Summit. One of the advantages of sponsoring the event is the opportunity to do what Gartner calls a “Solution Provider Session”. Most sponsors use their allotted time to pitch their solutions – that’s why we’re here isn’t it, to sell some stuff? But we’ve always chosen to use our session to provide some real-world perspective on the difficulties of identity and access management. So we invite a few of our customers to tell about their IAM journey, and hopefully expose the rest...
  • The Four Tenets of Privileged Account Management Success

    I’ve been working in the privileged account management space for years, including a continuous line from Vintela, where we pioneered the Active Directory bridge space; through Quest Software, where we built the industry’s most comprehensive PAM offering; to Dell, where we’ve unified those powerful PAM solutions with governance. During that time thousands of organizations have used our solutions to address their PAM challenges. When we’ve seen customers have success it’s been because they’ve embraced some simple tenets. And when they’ve struggled it’s...
  • Five Lies That Can Doom Any Privileged Account Management Program

    We all do privileged account management (PAM), we have to. Maybe you do it pretty well. But I bet you have room for improvement…who doesn’t? PAM is so critical to security and compliance that even the slightest hiccup or misplaced emphasis could be catastrophic. As we at Dell have helped organizations do PAM and do it right, we’ve come across five popular lies that people tell themselves that indicate a APM program that may be headed in the wrong direction. “Sudo is good enough” “I trust my admins” “All we need is a credential vault”...
  • What Governance and Psychology 101 have in Common

    Remember back to your freshman year in college and you took that required Introduction to Psychology course? Remember learning about Maslow’s Hierarchy of human Needs? If technology (or more-specifically identity and access management) were mapped to Maslow’s pyramid, Governance would be at the apex. Governance is the “self-actualization” of the IAM world. In other words, everything we do should be leading to governance, and failure to satisfy lower levels of the pyramid actually prevents full maturity and success. And that’s why governance is so elusive, many of...
  • How to choose between an on-premises Identity solution or SaaS

    Finding the right Identity and Access solution has never been more critical. With application portfolios growing and employees’ responsibilities constantly changing, organizations need to ensure that each user has access to exactly the right resources to limit the risk of a security breach. But they simply cannot afford hours of IT effort every time a user needs to be provisioned or de-provisioned. Today’s next-generation IAM solutions can not only solve your security challenges, but also help your organization become more strategic and agile. But there are several IAM delivery models...
  • Governance … Everyone Has to Do It, so Why Is It so Hard?

    It seems that we live in a world driven by buzzwords, particularly when it comes to technology. Whatever the press or analysts say is the next big thing, we feel obligated to pay attention and figure out a way to make it part of our day-to-day operations. A few years back the buzzword-of-the-moment was compliance and everything we did was colored by the impact it would have on compliance. Once compliance became yesterday’s news, the next big thing was governance and now if we don’t deal with governance we’ve missed the boat. So what is governance and do we really need to worry...
  • How Come So Many Privileged Account Management Programs Fail?

    Perhaps the fastest growing market in the already fast growing identity and access management (IAM) sector is privileged account management (PAM). It goes by many names (PAM, PIM, PIAM) but really it boils down to the age-old need to control and monitor what superusers do with the all-powerful administrative accounts that are a necessity on virtually every system. The emphasis is well-deserved – most major breaches are due to abuse or misuse of these credentials. I’m sure you have a PAM program already, and I’m equally sure that you have room for improvement – everyone does...