Identity and Access Management - Blog

  • How to Make Security a Business Enabler, Not a Barrier

    For years, identity and access management (IAM) has carried the stigma of denial, restriction, limitation, and sometimes, failure. The processes and technologies required to enhance security seemed destined to stifle collaboration and interfere with revenue-generating work. At times, employees, partners and customers were forced to spend precious time searching for ways to circumvent the IAM infrastructure just to do their jobs. A new day for IAM The next generation of IAM solutions is already driving away the dark cloud of workarounds and decreased productivity that earlier products were...
  • When You're Dealing With Directories, They're All Special, but Some Are More "Special" Than Others

    Let’s talk directories for a minute. In identity and access management (IAM) it all starts with the directory – after all, you need someplace to set up the account and hold authorizations and you need something to authenticate against. Everything that someone needs to log into requires a directory. Sometimes they are built in and included, sometimes they are more universal and shared across a number of systems, sometimes they are simple, sometimes they are standards-based, and sometimes they are just a mess. When I started my career in IAM I joined a little start up, full of Linux...
  • Automation is Key For Cleaning Up User Accounts and Reducing Risk

    There are so many challenges in today’s organizations with keeping user accounts clean and up to date. Every organization has to deal with turnover and growth, contractors, mergers or acquisitions, non-human accounts, multiple admin groups and different system requirements. If not addressed, all of these factors expose a security and risk factor to an organization. Although, some organizations try to maintain clean user accounts manually, it leaves lots of room for inaccuracy, out-of-date and inconsistent access rights. In addition, it could take days, if not weeks, to remove access rights...
  • Is the Race Really Over? Federal Cyber Sprint Hits the Finish Line

    We’ve reached the finish line of Federal CIO Tony Scott’s 30-day “Cybersecurity Sprint,” but the race is far from over. Over a mere 30 days, federal agencies have made significant improvements to their overall cybersecurity, and during the past year, the public sector has made tremendous strides to enhance and strengthen the federal government’s overall cybersecurity . However, with the effects of recent cyber incidents still being felt throughout government, it is more crucial than ever that agencies continue to take concrete steps to mitigate risk and strengthen...
  • When it Comes to IAM, Active Directory Matters

    Active Directory holds such a prominent position in the enterprise, that inadequate management and security of this universally accepted directory can be a major barrier to IAM success. For all its goodness, AD is woefully lacking in native management tools, privileged account management and natural integration with the rest of the heterogeneous enterprise. Consequently many enterprise IAM project fail to get off the ground simply because IAM for AD is so difficult. Dell, and specifically our Dell One Identity family of IAM solutions, has a legacy of AD expertise and thousands of customers that...
  • Evaluate Your Organization's Cybersecurity Readiness: The NIST Framework

    The NIST Cybersecurity Framework. A broad framework which spans an entire organization’s cybersecurity readiness. Technological components, organizational components, everything from network security to physical access to recovery planning. Make sure you have plenty of coffee available, yes? As a one-time implementer of IT projects – as a technologist, architect, and service owner – I used to associate frameworks with MORE work. And a visit to an optometrist. And a lot of self-calming affirmations. I appreciate frameworks; they provide context and rationale for IT decision...
  • AGL Energy Enhances Business Agility, Empowers Staff and Boosts Compliance

    “We have created a more agile business where personnel are empowered around access rights. We’ve made the working environment more flexible, giving people access to the applications they need, just when they need them, through Dell One Identity Manager.” - Stephen Herman, IAM Initiative Project Manager, AGL Energy AGL Energy (AGL) , one of Australia’s leading integrated energy companies, saw limitations in its IAM framework. It could take up to three days for a new starter to gain access to the applications they needed. Managers email the IT help desk with all the...
  • Automate Your Identity Management System Before Data Clean-up

    A healthy organization today is anything but static. Growing enterprises are always hiring new talent, enabling employees to pursue new opportunities within the organization, and seeing some employees leave the organization. They often make use of contractors and other temporary resources who come and go. Moreover, the organization’s employee base can change radically due to mergers and acquisitions. Before you can effectively use an identity management system, you need to clean up your data so that: • Each employee has a unique ID that is valid organization-wide. • Each account...
  • Achieving Superior Single Sign-on – Three Tips

    Ask anyone that’s not an identity and access management expert to define IAM, and I’ll bet the majority of the time they’ll describe single sign-on (SSO). It’s the easiest to understand, most visible and perhaps highest impact area of IAM – at least as far as end users (and sometimes management) are concerned. SSO has long been considered the “holy grail” of IAM. But anyone that’s attempted a single sign-on project knows that they can be difficult and with the constantly evolving landscape of user types, applications, authentication methods, and security...
  • Choices When Integrating IAM with the NIST Framework

    It has been said that there are 10 types of people in the world, those that understand binary and those that do not. Any number of binary choices can be created to help define distinctive groups and reveal contrast in their experiences and micro-cultures. I recently used a ‘bowlers vs. golfers’ analogy with my son, only to realize -- and regret -- the blank, blinking expression on his face which came from him having seen my performance in both activities. I would suggest that this is definitely not the expression that you want to receive from your upper management after running into...