• The Quest for Universal Single Sign-On Solutions

    For a long time the “Holy Grail” of identity and access management has been single sign-on (SSO) – at least when you ask end users and executives that’s what they would say. After all, nothing makes regular folks happier than easy access to everything they need, with only one password to remember, and no need to call IT – ever – to fix your mistakes, because you don’t make them anymore. It all sounds good, but as any of us who have tried to achieve SSO know, it’s not quite that simple. Maybe “less” sign-on, or “reduced”...
  • Understanding Identity and Access Management Compliance Requirements for PCI, HIPAA, SOX and ISO 27001

    Watch Now: OnDemand Webcast Learn IAM best practices to keep your systems compliant and secure. Your IT systems and process have to be compliant, and they have to be secure. That’s why, ideally, your security investments should also help with compliance and vice versa. Discover the role that identity and access management (IAM) plays in compliance as well as security. In this webcast, experts explain the scope of PCI, HIPAA, SOX and ISO 27001 requirements as well as how to apply IAM controls to each one. What you will learn How IAM can have the broadest impact on...
  • Flexibility is key to success in Identity and Access Management (IAM)

    Webcast with Martin Kuppinger , Principal Analyst, KuppingerCole Register Today!! Jan 12, 2016 4:00pm CET, 10:00am EST, 7:00am PST IAM (Identity & Access Management) is a central discipline of Information Security. But it rarely starts on a green field – commonly there are already some IAM components in place such as directories, Single Sign-On etc. There might also be e. g. IT service management tools in the company. Thus, IAM must integrate well into the existing landscape. Depending on their current infrastructure and requirements, organizations therefore might want to...
  • The Recipe for IAM Success – The Gartner IAM Summit Edition

    We just completed participating in the Gartner Identity and Access Management Summit in Las Vegas. The show is always great for us from the standpoint of talking to lots of people that are facing IAM challenges and learning from Gartner what the future holds and best practices for making IAM work. We (the Dell One Identity team) get the opportunity to present a “solution provider” session at the show, and as in years past, we decided to bring a few customers onto the stage and let them talk about their IAM projects – warts and all. The topic of our session was: “A Recipe...
  • What Does a Game of Capture the Flag Have in Common With Privileged Accounts?

    As I date myself by admitting that I am a child of the 70’s (I will let you try to guess the year) we used to play an outdoor game called Capture the Flag. For all of you that don’t know the game, I won’t bore you with all the details but the main premise is there are two teams on a field of battle each of which is trying to capture the flag of the other team. It was generally a winning strategy for each team to put some of their best players closest to the flag in order to guard the flag from being captured. Then in the 90’s at a Defcon conference, one of the world’s...
  • Leveraging the NIST Cybersecurity Framework to Improve Your Cybersecurity Risk Management

    Make the seemingly complex seamlessly simple. With its 102 example subcategories and lengthy descriptions, the NIST Cybersecurity Framework can at first appear to be an exercise in eye strain. Yet this powerful set of best practices is critical to implement, as the big question about cybersecurity shifts from not if your agency or organization could suffer a serious attack, but when . The best remedy for eye strain is to relax your eyes. Let’s start the relaxation process by looking at the Framework’s top level. There are five, and only five, main Framework functions: Identify...
  • Can You Achieve Security and Governance With Your Identity and Access Solution?

    Many organizations haven’t met governance and compliance requirements because of loose user access controls and lack of visibility over who is accessing data which could end up having critical information in it like social security numbers, credit card data, health care or proprietary info. The complexity of managing the user and data lifecycle is often compounded by a lack of transparency: the organization cannot be sure of who can do what in which IT system, which information they can access, and so on. Is everyone who has access supposed to? Is achieving user and data governance...
  • How to Accelerate Multi-factor Authentication for Federal Agencies

    Dell Software’s on-demand knowledge webcast series, addressing the directives Federal CIO Tony Scott gave to agencies for the 30-day Cybersecurity Sprint in July concludes with a discussion of the fourth and final directive: “ Dramatically accelerate implementation of multi-factor authentication, especially for privileged users. Intruders can easily steal or guess usernames/passwords and use them to gain access to Federal networks, systems, and data. Requiring the utilization of a Personal Identity Verification (PIV) card or alternative form of multi-factor authentication can significantly...
  • Observations on Dell World 2015

    So here we are about half way into Dell World 2015 and I have some thoughts based on this year’s version of the event, compared to previous editions. Software is big. Since joining Dell almost three years ago we’ve seen a steady increase in the interest attendees show in Dell Software and the relevance of Dell software solutions have in the lives of our customers. That’s not just a good thing, it’s a great thing. Security is even bigger. I may be biased here (Okay I know I’m biased here) but of all the software things to talk about at Dell World, people...
  • Improve Privileged Account Management for National Cybersecurity Awareness Month

    With October being National Cybersecurity Awareness Month , Dell Software is continuing its knowledge series of four on-demand webcast series addressing the directives Federal CIO Tony Scott gave to agencies for the 30-day Cybersecurity Sprint in July. The Third Directive “ Tighten policies and practices for privileged users . To the greatest extent possible, agencies should: minimize the number of privileged users ; limit functions that can be performed when using privileged accounts; limit the duration that privileged users can be logged in; limit the privileged functions that can...