Identity Management & Cybersecurity News | 6.7.2018

Posted: 
Jun. 7th, 2018

Protecting Privileged Identities: Why IAM starts with PAM   cybersecurity

A frequently underestimated aspect of Privilege Account Management (PAM) – and any subsequent Identity and Access Management (IAM) project – is the breadth of systems and the variety of accounts that are involved.  Like any good security measure designed to protect critical information assets, managing and protecting privileged accounts requires both a plan and an ongoing program. Identifying these accounts should be a continuing priority, as well as ensuring only those who need access to them have it.  Read more...

 

Three steps to avoid being the next victim of an insider data breach

Add analytics to the mix. Controlling the flow of passwords is a valuable and necessary action, but it is not the apex of privileged access management. Analytics can be additional support that further minimizes risk while adding important insight to bolster the security of a privileged access management deployment. There are two types of analytics that prove valuable. First is behavioral analytics. This technique looks at user actions, and even biometric data, such as keystroke and mouse movement tendencies, to detect instances where criminal activity is being performed on a legitimate account. Second is identity analytics. This approach looks at the potential for bad actions by evaluating the permissions granted that are granted to every user and administrator account. Identity analytics can find permissions that are out of alignment with company policy, group norms, or even when compared to outside organizations and similar job roles.  Read more...

 

Digital Detritus of Unstructured Data

I’ve been working in the information security field for twenty-five years now. I was a hobbyist for many years before that point. Over the years, this has led to an accumulation of a vast array of files from many different operating systems and numerous different applications along the way. So much unstructured data clogging the hard drives and networks of not only my office, but systems globally.  Read More...

 

Getting smart about intelligent automation

Several participants said a holy grail for identity and access management would be continuous multifactor authentication that could manage physical and digital access and be standardized across agencies.  “It would happen on entry,” one executive said. “Walking in the first turnstile, you look at the camera. Better than having a card. That entrance security system should notify the IT system that, ‘Hey, Bob just walked in the door.’” The camera on the user’s computer would verify that “that’s the same guy who walked in,” and anywhere that individual goes in the building, there “should be a sensor that knows, ‘Hey, that’s him. Yeah, he can come into this office. Or no, he can’t.’ It’s got to be continual.” Read more...

 

Author Information