Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Identity & Access Management 



February 14, 2018 | Authentication
By Andrew Carroll, IANS Faculty

 Understanding Blockchain‚Äôs Promise for Identity Management

While blockchains were developed to solve problems very different from identity management, some vendors (and enterprises) are beginning to explore how blockchains could be used to both secure and provide more granular control over digital identities. In this report, IANS Faculty Andrew Carroll explains the pros and cons of using blockchains for identity, and provides a practical overview of the vendors addressing the space.  

Read More »


January 18, 2018 | Mobile Access and Device Management
By IANS Faculty, IANS Faculty

 Balance Security and Usability with Mobile Passcodes

When it comes to mobile device passcodes, organizations constantly search for a happy medium between security and usability. In this Ask-an-Expert live interaction, IANS Faculty Justin Wilder details the various options and recommends allowing less complex passwords and Touch ID access, but also adding compensating controls to ensure data stays safe. 

Read More »


January 8, 2018 | Privileged Access Management
By Andrew Carroll, IANS Faculty

 CyberArk vs. Osirium: A PAM Tool Comparison

Managing privileged users is becoming increasingly critical, but choosing the right enterprise-grade PAM tool is not straightforward. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll underscores the importance of matching the tool to the use case and compares CyberArk and Osirium across key use case criteria.

Read More »


December 21, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Manage SSH and RDP Securely

SSH and RDP are widely leveraged across most enterprises, but what are the best practices for securing them? In this Ask-an-Expert written response, IANS Faculty Aaron Turner underscores the importance of segmentation/filtering, jump servers and multifactor authentication in ensuring both protocols are implemented and managed securely.

Read More »


December 18, 2017 | Password Management
By Aaron Turner, IANS Faculty

 Choose an Effective Password Manager

Consumer-grade password management options abound, but can any of them be considered enterprise-grade? In this Ask-an Expert written response, IANS Faculty Aaron Turner says no password manager can replace an effective federated identity strategy, although they can help with certain enterprise use cases. 

Read More »


December 5, 2017 | Authentication
By Rich Guida, IANS Faculty

 9 Options for Phone-Based Customer Authentication

With the Equifax breach, many organizations are rethinking their use of customer Social Security numbers as a means of authentication. In this Ask-an-Expert written response, IANS Faculty Rich Guida details nine different options for authenticating customers via the phone, but underscores that none are secure enough to be used in isolation.

Read More »


November 27, 2017 | Directory Services

 Active Directory Operations RACI Template

The Active Directory (AD) Operations RACI (Responsible, Accountable, Consulted, Informed) Template allows users to assign the tasks and functions that need to be done in the AD world. The Template breaks down the major roles associated with various procedures within the AD realm. 

Read More »


November 15, 2017 | Authentication
By Aaron Turner, IANS Faculty

 Correlate Real-World Users to Digital Identities

From ERP systems to Active Directory, digital identities are spread throughout our digital infrastructures. Unfortunately, most large organizations have no good way of correlating those digital identities to actual humans, a situation that both opens security holes and makes moving to new technologies like cloud and mobile much more difficult than it needs to be. In this report, IANS Faculty Aaron Turner shows how three key identity management building blocks can be used to effectively correlate real-world users to digital identities and improve enterprise security.

Read More »


November 14, 2017 | Authentication
By James Tarala, IANS Faculty

 Prep Now for an MFA/PAM Future

Deploying multi-factor authentication and privileged access management to manage server admin access, elevated privileges and remote access is a good first step, but organizations should be planning now for a completely password-less future. In this Ask-an-Expert live interaction, IANS Faculty James Tarala offers a brief history of MFA and PAM, as well as tips for eventually implementing strong authentication for everyone.

Read More »