Identity and Access Management - Blog

  • How to choose between an on-premises Identity solution or SaaS

    Finding the right Identity and Access solution has never been more critical. With application portfolios growing and employees’ responsibilities constantly changing, organizations need to ensure that each user has access to exactly the right resources to limit the risk of a security breach. But they simply cannot afford hours of IT effort every time a user needs to be provisioned or de-provisioned. Today’s next-generation IAM solutions can not only solve your security challenges, but also help your organization become more strategic and agile. But there are several IAM delivery models...
  • Governance … Everyone Has to Do It, so Why Is It so Hard?

    It seems that we live in a world driven by buzzwords, particularly when it comes to technology. Whatever the press or analysts say is the next big thing, we feel obligated to pay attention and figure out a way to make it part of our day-to-day operations. A few years back the buzzword-of-the-moment was compliance and everything we did was colored by the impact it would have on compliance. Once compliance became yesterday’s news, the next big thing was governance and now if we don’t deal with governance we’ve missed the boat. So what is governance and do we really need to worry...
  • How Come So Many Privileged Account Management Programs Fail?

    Perhaps the fastest growing market in the already fast growing identity and access management (IAM) sector is privileged account management (PAM). It goes by many names (PAM, PIM, PIAM) but really it boils down to the age-old need to control and monitor what superusers do with the all-powerful administrative accounts that are a necessity on virtually every system. The emphasis is well-deserved – most major breaches are due to abuse or misuse of these credentials. I’m sure you have a PAM program already, and I’m equally sure that you have room for improvement – everyone does...
  • The Wild West of Data Quality and its effect on Identity Governance and Administration

    The concept of automated role- or attribute-based provisioning for user accounts and permissions is nothing new to the world of Identity Governance and Administration (IGA). Customers evaluating Identity Governance solutions such as Dell One Identity Manager see the value in creating dynamic business logic to assign permissions to people’s accounts. This could be for pure governance reasons such as periodic attestation or to simply enhance the efficiency of provisioning; both are valid. In today’s market it is a given that IGA solutions will automatically assign role membership based...
  • Simplify your IAM environment by finding the right approach for you: on-premise, SaaS or hybrid

    Identity and access management is all about granting employees the access they need in a way that is as painless as possible (for you and them) so they can simply get on with doing their jobs. Sounds simple, right? However, it can be difficult if your IT department doesn’t have the time or tools to effectively and accurately manage employee access. Done right, you’re the hero. Done wrong, your company’s most valuable asset, its data, is at risk. In today’s technology-driven world, there are more and more applications that require access control. The average user accesses...
  • The Lesser of Two Evils: A Data Breach or a Failed Audit?

    The lesser of two evils principle as defined by one of my favorite resources Wikipedia is the principle that when given two bad choices, the one which is not as bad as the other should be chosen over the one that is the greater threat. But that might be difficult to determine when choosing between data breaches and failed audits. For example, you can fail an audit for several reasons with varying degrees of consequences ranging from small penalties and minor remediation efforts to huge penalties, prison sentences and massive infrastructure upheaval. You can also endure all types of data breaches...
  • The Recipe for IAM Success

    Six ingredients that ensure you get IAM right. Identity and access management (IAM) is a treacherous road that, more often than not, leads to a destination different than you originally planned. This road is littered with IAM projects gone wrong, wasted money, increasing complexity, security vulnerabilities, and skyrocketing risk. But you’re on the road and you can’t get off…what do you do? You can’t live without the fundamental principles of IAM – making sure that the right people have the right access to the right things in the right way – it’s...
  • Your IAM Isn’t That Bad…Everyone Else Is Just as Messed Up as You Think You Are!

    New IAM e-book offers real-world examples, of real-world organizations, solving real-world problems, and getting it right…finally. I talk to a lot of people about identity and access management (IAM) and one common theme I see across all of them is that IAM is hard, and that projects rarely live up to expectations. In other words, if you’re like most people you probably have an IAM inferiority complex. The truth of the matter is you are probably no worse off than anyone else. The typical obstacles to IAM success and the symptoms of an IAM project headed down the wrong path are common...
  • Grasping IT compliance acronyms is like decoding a teen’s text

    If you have a smartphone, a teenager or both, then acronyms like OMG (oh my gosh), OMW (on my way) and AFAIK (as far as I know) are probably pretty familiar to you. However, the last one – LoProCo - probably belongs more in a list with HIPAA than BTW (by the way). So what is LoProCo? Well it starts with HIPAA (if you would like to learn more about HIPAA, google it) and the mandate that each and every breach be reported even if no harm was done. This draconian standard was amended recently to help organizations define a breach - and the acronym for this clarification is LoProCo. LoProCo...
  • All advantage goes to the offense in cyber-war

    I watched the 60 Minutes segment on the attack on Sony recently (4/12/15). If you didn't get a chance to watch I'd recommend you follow the link and watch it. There are a number of lessons and learnings for us all. The piece revealed that more than 3,000 computers and 800 servers were destroyed by the attackers. Astonishing. One of the experts interviewed stated that "even big corporations with sophisticated IT departments are no match for the dozens of countries that now have offensive cyberwar capabilities." Followed by this comment a bit later: "There are probably three...