identity and access management

Eliminating Access Blind Spots in the Modern Enterprise

Last year, 63% of data breaches involved compromised identities. This year, it’s up to 81%. As the world settles into the “new normal” of mobile, cloud and other nontraditional access points for applications and other resources, the problem of identity-related attacks isn’t going anywhere; to the contrary, it’s getting bigger. We can’t promise those numbers…

Your Cell Phone has a dirty little secret it does not want to tell you

If you are a fan of the CBS Show 60 Minutes  you may have seen a couple of well-done episodes around the espionage and intrigue of spies hacking cell phones. The problem is that these episodes don’t go far enough informing the average user as to the extent of the vulnerabilities. Inter-telco communications leverages a protocol…

Reimagine Your Identity Strategy

We are at the edge of yet another evolution for the Identity and Access Management (IAM) industry. Applications are being deployed at incredible speeds with user populations demanding access from wherever they are, whenever they want, from any device. The network is no longer clearly defined, in fact, identity is the new perimeter. Regulations and…

Identity Comes into Focus at RSA Conference

We are less than two weeks away from RSA Conference, the world’s largest security event! This year’s theme – The Power of Opportunity – emphasizes “unity.” Clever, right? We think so. Not only is it a great time to call for unity in cybersecurity among vendors and practitioners, but also end users. Every day we’re…

Identity and Access Management Strategies: IAM Spending to Increase in Europe

Businesses around the world recognize that it’s crucial to take the necessary precautions to verify identities and manage digital credentials when conducting business online. In fact, a recent study by Pierre Audoin Consultants (PAC) found that 93% of 200 polled European businesses claimed that they planned to maintain or increase their identity and access management…

Hackers Hunt for Healthcare Records

What’s the difference between data theft from a bank account versus a healthcare record? For starters, think of theft from a bank account as the equivalent of a single withdrawal; one and done. Sooner than later it’s discovered, a new account number is issued and, as a hacker, you’re effectively cut off. When it comes…

“I am an imposter.”

I was invited to give a keynote at the Cloud Security Alliance (CSA) Congress in Dublin recently, on behalf of my EMC colleague Said Tabet. Two years before, I had spoken at the CSA Congress in Rome about the EU-funded SPECS and SPARKS projects and their relevance to cloud in terms of GRC and security analytics.…

Identity for Modern IT: A New Appreciation for User Experience

The following is a simple analysis that puts into perspective the user experience of modern IT that organizations typically require their users to endure: Imagine a midsize enterprise with 1,000 users, each of whom has between one and three devices that connect to the enterprise infrastructure. Each user has installed between 25 and 100 applications…

LinkedIn Breach: The Death of Passwords Has Finally Arrived

The headline screamed at me this morning when I opened my inbox, “117 million LinkedIn user credentials compromised.”  I had no reaction as I went to get my first cup of coffee.   Credentials have become a commodity to hackers and are sold widely and cheaply in different venues—both in the deep-and open-web.   Stolen credit cards…

Identity for Modern IT: Balancing Provisioning and Integration in IAM

With the introduction of RSA Via Lifecycle and Governance 7.0, RSA Vice President of Engineering and Product Management Jim Ducharme emphasized “make it easy” as one of the four main themes for this latest release, particularly in the areas of onboarding new users and integrating new applications. Research from the Aberdeen Group on identity and…