We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

14 Results for: "Andrew Carroll"

 


March 13, 2018 | Account Provisioning
By Andrew Carroll, IANS Faculty

 Ease IDAM by Automating Three Key Processes

Automating identity and access management (IDAM) processes can make a security organization more efficient and effective, but where to start? In this Ask-an-Expert written response, IANS Faculty Andrew Carroll suggests automating three key functions: network provisioning/de-provisioning, entitlement review and application role provisioning.

Read More »


March 6, 2018 | Privileged Access Management
By Andrew Carroll, IANS Faculty

 A PAM Tool Comparison (Updated)

Managing privileged users is becoming increasingly critical, but choosing the right enterprise-grade PAM tool is not straightforward. In this update to a previous Ask-an-Expert written response, IANS Faculty Andrew Carroll underscores the importance of matching the tool to the use case and adds Centrify to his comparison of CyberArk and Osirium across key use case criteria.

Read More »


February 14, 2018 | Authentication
By Andrew Carroll, IANS Faculty

 Understanding Blockchain’s Promise for Identity Management

While blockchains were developed to solve problems very different from identity management, some vendors (and enterprises) are beginning to explore how blockchains could be used to both secure and provide more granular control over digital identities. In this report, IANS Faculty Andrew Carroll explains the pros and cons of using blockchains for identity, and provides a practical overview of the vendors addressing the space.  

Read More »


January 8, 2018 | Privileged Access Management
By Andrew Carroll, IANS Faculty

 CyberArk vs. Osirium: A PAM Tool Comparison

Managing privileged users is becoming increasingly critical, but choosing the right enterprise-grade PAM tool is not straightforward. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll underscores the importance of matching the tool to the use case and compares CyberArk and Osirium across key use case criteria.

Read More »


October 24, 2017 | Enterprise and IT Compliance Management
By Andrew Carroll, IANS Faculty

 Meet PCI Standards for Penetration Testing

PCI DSS requires Level 1 merchants to perform an annual penetration test and mitigate any vulnerabilities found, but what does the whole process entail? In this Ask-an-Expert written response, IANS Faculty Andrew Carroll explains exactly what PCI DSS requires and offers tips for ensuring compliance.

Read More »


August 15, 2017 | Application Development and Testing
By Andrew Carroll, IANS Faculty

 Help Developers Understand the Importance of Least Privilege

Developers usually push to access any data they want anytime they want it, but unfettered access can open the whole organization up to unnecessary audit, financial and reputational risks. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll suggests educating developers on the risks, implementing least privilege and layering on controls to ensure compliance.

Read More »


June 27, 2017 | Malware and Advanced Threats
By Daniel Maloof, IANS Managing Editor

 GoldenEye Ransomware Wreaks Havoc on Global Networks

The ransomware hits keep on coming, and just like the WannaCry outbreak, this looks like a big one. For the second time in as many months, corporations around the world are experiencing a massive cyber-attack that’s once again crippling enterprise networks and demanding a Bitcoin ransom to decrypt files.

Read More »


December 20, 2016 | Authentication
By Daniel Maloof, IANS Managing Editor

 Never Waste a Good Crisis: Yahoo Edition

If you’re a CISO, you’re likely fielding warm holiday emails from your board wishing you a great time with your family and asking you what the heck the Yahoo breach means (if not, Yahoo announced last week that one billion user accounts had been accessed.

Read More »