Sometimes the hardest part of a journey can be its first step. As organizations try to keep up with the demands of digital transformation and cloud adoption, starting an identity program can be a daunting process. Between customers, employees, and non-human identities such as systems and applications, there is a lot to think about—and a…
Archives
-
The Unique Challenges of Customer Identity and Access Management
As the world faced quarantines, stay at home orders and shuttered businesses, even normally reluctant consumers were forced to go online to grocery shop, order take-out and stay connected to friends and family. This focus on transacting daily tasks on-line placed a major spotlight on an emerging subset of identity security, customer identity and access…
-
Mission Possible: Better Identity Through Public/Private Sector Collaboration
One of the most entertaining parts of the Mission Impossible movies is watching the characters don masks of targets they want to impersonate and slip into and out of the secret identities like gloves. In the digital world, impersonating people is much simpler. Thankfully, government officials and the consumers they represent appear to want to change that. In…
-
Privileged Access Management Starts with Endpoint Privilege
Investigate any data breach impacting today’s enterprises, and you will likely find evidence of credential theft and lateral movement by attackers. Stopping threat actors from gaining persistence and deepening their compromise once they have gotten through the digital door remains part of the daily routine of security professionals. In a traditional work environment, an employee…
-
Identity-Centric Security Empowers Businesses
Between the explosive growth of enterprise mobility and the increased adoption of cloud services, the number of workforce identities has skyrocketed. Accompanying that increase is a sobering statistic: according to a recent survey by the Identity Defined Security Alliance (IDSA), 79% of security and identity professionals say their company has experienced an identity-related breach in…
-
IAM Best Practices Blog Series: The Importance of an Authoritative Identity Source
How much do you really know about those with access to your resources? As a company that hires employees, we know a lot about them before we give them access. We spend a lot of time vetting them and their appropriateness for a role or position. Teams are dedicated to finding and hiring the right…
-
NIST SP 800-207 – Zero Trust Architecture – Finalized with More Emphasis on Identity
Last week, the National Institute of Standards and Technology (NIST) published its guidance for implementing a Zero Trust architecture, SP 800-207. This latest publication consolidates industry input received on previous draft versions of the architecture. As part of IDSA’s mission to promote identity-centric security, we provided feedback to NIST and are pleased to see some of our recommendations…