Join IDSA
Join IDSA

Archives

  1. IAM Best Practices Blog Series: The Importance of an Authoritative Identity Source

    September 11th, 2020 by Jennifer Kraxner | Posted in Best Practices | No Comments

    How much do you really know about those with access to your resources? As a company that hires employees, we know a lot about them before we give them access. We spend a lot of time vetting them and their appropriateness for a role or position. Teams are dedicated to finding and hiring the right…

  2. BYO[D] Doesn’t Have to Mean Bring Your Own [Vulnerability]

    June 1st, 2020 by Baber Amin | Posted in Best Practices | No Comments

    The Bring-Your-Own-Device (BYOD) model of operating has been a double-edged sword for IT professionals. On the one hand, it empowers and allows for business productivity. On the other hand, it continues to create a serious challenge for organizations as IT and security professionals find ways to enforce access control across a diverse ecosystem of mobile…

  3. Adapting the IDSA Framework to Keep Pace with Evolution of Identity and Security Industry

    May 14th, 2020 by Asad Ali | Posted in Best Practices | No Comments

    Today we are excited to announce the latest adaptation of the Identity Defined Security Framework, which offers practical, vendor-neutral guidance on how to achieve identity-centric security. The update is the culmination of numerous whiteboards, conference calls, and a two-day Technical Working Group workshop in San Francisco, where over 15 IDSA member companies came together to discuss…

  4. Research Shows How Forward Thinking Enterprises are Preventing Breaches

    May 14th, 2020 by Jeff Reich | Posted in Best Practices | No Comments

    Last fall we published our first research, the results of a survey of 511 security leaders, to get their perspective on identity, including importance and organizational challenges that might create added risk. We found explosive growth of identities in the last five years (half of the companies experienced five-fold growth in the past 10 years) and…

  5. Customer Advisory Board Conversations: Zero Trust and the Remote Workforce

    May 4th, 2020 by Jeff Reich | Posted in Customer Advisory Board, Perspective | No Comments

    Until the last 45 days, an organization’s industry, company culture and the role of an individual were the primary drivers behind remote working policies. However, recently we’ve seen an unprecedented shift to remote working due to the concerns over Covid-19. For some organizations it’s been relatively uneventful, for others it has been a monumental change…

  6. The Language of Identity: Bringing Everyone Together

    April 28th, 2020 by Richard Bird | Posted in Perspective | No Comments

    Everyone in computer science understands the importance of standardized programming languages, and yet, in conversations between security practitioners and IT infrastructure managers about identity, much seems to get lost in translation. Terms like authorization and authentication are often used interchangeably, but also have distinct meanings to different people. Say authentication to a security person, and…

  7. Zero Trust Myth Series: Keep Users at the Forefront of Your Security Approach

    March 3rd, 2020 by Torsten George | Posted in Perspective | No Comments

    Friction is the enemy of cybersecurity. Tools and approaches that make it more difficult for users to do their jobs turn security solutions into impediments, digital stop signs in an era when business leaders are demanding agility. For organizations implementing a Zero Trust approach, the subject of user experience should not be far from mind….

  8. Identity-Centric Security: 10 Data Points from 10 Different Vendors (and a book) Make the Case

    February 12th, 2020 by Matt Miller | Posted in Perspective | No Comments

    There’s almost universal consensus that perimeter-centric security is insufficient for today’s distributed IT environments. But where debate amongst IT pros and vendors now rages is whether the optimal enterprise security approach today is application-centric, data-centric, or identity-centric. Data-centric and application-centric approaches have merit, but each can be undermined simply by the wrong identity accessing data,…

  9. Zero Trust Myth Series: Leveraging Risk Analysis to Enhance Trust

    January 28th, 2020 by Torsten George | Posted in Perspective | No Comments

    Trust is a foundational part of personal relationships, and it is a foundational part of the digital relationships between employees, their devices, and the enterprise. However, the sad fact facing security professionals is that there are some insiders – whether they are disgruntled employees or external threat actors acting as legit users that penetrated the…

  10. IAM Best Practices Blog Series: Why it is Critical to Establish an IAM Governance Committee

    January 15th, 2020 by Julie Talbot-Hubbard | Posted in Best Practices | No Comments

    In previous IAM Best Practices blogs my fellow customer advisory board members dove into identity ownership, ensuring identity uniqueness, where to start with provisioning and de-provisioning, discovery of assets for privileged access and establishing processes for incorporating IAM into new applications. In this blog post, I will explain why it is critical to establish a governance committee as part of identity and access…

« Previous EntriesNext Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA