As we count down the final days of 2019 (and amazingly the decade!), it’s that time of year where we reflect on our performance, make a few tweaks based on what we’ve learned and set our intention for the upcoming year. For the Identity Defined Security Alliance, 2019 was a very significant year. We officially launched…
Archives
-
Identity Defined Security Alliance Adds New Members
As we wrap up a great year for the Identity Defined Security Alliance, we are pleased to announced four new vendor members to the Alliance: Omada, Remediant, Saviynt and SecZetta. We are excited to have these identity and security leaders join us in our mission to help organizations reduce risk by providing education, best practices and resources to implement identity…
-
IAM Best Practices Blog Series: Making IAM an Integral Part of Application Onboarding and Major Changes
In previous IAM Best Practices blogs my fellow customer advisory board members have discussed identity ownership, ensuring identity uniqueness, where to start with provisioning and de-provisioning and discovery of assets for privileged access. Now that you have a solid foundation for your IAM program, it’s time to move on to establishing processes for incorporating IAM into new applications. Application onboarding…
-
IDSA Response to NIST Zero Trust Architecture SP 800-207
Recently, NIST released 800-207 draft document, which is intended to provide guidance for government and non-government organizations on implementations of a Zero Trust architecture. The document provides a definition of the core components that make up a “zero trust architecture (ZTA) network strategy,” a gap analysis of areas where more research and standardization is required, establish an…
-
IAM Best Practices Blog Series: Asset Discovery is an Essential Step for Privileged Access Management
In a digitally-driven business world, today’s infrastructure, applications and networks are spread across on-premise and in the cloud environments, with mobile and virtual elements. With such a dynamic set of circumstances, identifying and safeguarding critical “crown jewel” assets and their access becomes a key risk mitigating control to proactively address security risks. A first step…
-
IAM Best Practices Blog Series: Align Automated Provisioning and De-provisioning with Business Priorities, But Focus on Risk
Provisioning access for new employees can be a time-consuming exercise without the proper processes and tools in place. Even more challenging and important is de-provisioning user access when roles change, or people leave the organization. In the last IAM Best Practices blog, Tom Malta discussed the value in establishing and maintaining unique identities and its importance in establishing…
-
LogRhythm’s Journey to Identity-Centric Zero Trust
The original Zero Trust model was developed by Forrester in 2010, but not fully embraced until Google successfully developed and implemented their version of Zero Trust, Beyond Corp, almost six years later. Let’s explore what exactly the Zero Trust model is and what it means to implement one. This shifts away from the large, corporate perimeters, with layered-in…
-
Controlling Identity with the Endpoint
The year is 2019 and if you’re like most of us, you’re seemingly gravitating closer and closer to all things ‘aaS’. Software, Identity, Infrastructure, Access Management, Integration – you name it and there’s a similar (if not superior) version of a core business service available in the cloud. While this shift has resulted in an…
-
September 26th Webcast: The Case for Identity Centric Security – Adobe’s Path to ZEN
Join us for our first ever live IDSA Webcast on September 26th, 2018 at 11:30am MT. Join Adobe’s Den Jones, Director of Enterprise Security, and Carlos Martinez, Sr. Systems Engineer, to hear how they overcame the struggle to find the balance between a pleasant user experience and stringent security requirements through a Zero-trust Enterprise Network…
