Tag: Access Management

Unified Security: Avoid becoming a statistic

Take 3 minutes to learn why this best practice is not only the next evolutionary step in IT security management, but affordable, manageable and more effective than individual point solutions. Unified security from the cloud transforms IT security from reactive collection to proactive and actionable defense while limiting costs and preserving resources.  It leverages the the collective power and intelligence capabilities of SIEM, log management, vulnerability scanning/assessment, Identity management (IDM), access management and single sign on under a single pain of glass…and in real time

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 2)

If you missed Part 1: read it HERE More than security from the cloud, the concept of unified security takes the method another step forward in terms of best practices—the ability to deploy a holistic security initiative, AND  one that seamlessly collaborates with the other components; that shares input across the enterprise so that a clearer understanding of vulnerabilities can lead to effective preventive policies and actions. They say the whole is greater than the sum of its parts. And that is the core of

Analyzing the Top 10 benefits of Unified Security from the cloud (Part 1)

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud. But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud

Consolidating the Variables: Augmenting Existing Identity Management Systems

The modern enterprise is a fluid entity. As an IT construct it expands and contracts (sometimes simultaneously), and many of the moving parts (like users and applications) are themselves evolving and changing. This creates unique challenges in operational efficiencies, core competency support, compliance observance and risk management.  The central theme to all these challenges is establishing and maintaining control of applications which serve as gateways to all the valuable data (personal, trade secrets and other IP) on which an enterprise exists. Many companies have turned

Synchronization enforces control for cloud integrated IDaaS and Access Management (SSO)

When Olympic rowers glide across the water’s surface at speeds of more than 25 mph, it’s because all the crew are in synch with one another. It’s a collaborative effort. As appropriate…if you are of a certain age and watched films from in science class and the guy in the lab coat was speaking but his words would burble out a second of two later. Not only is this synch off, but the power of the message of symbiosis is gone too. And in cloud

Mirror Mirror: the difference between Identity Management & Access Management

One of the biggest misconceptions in cloud security is the perception that identity management (IDaaS) and access management (SSO) are the same thing. They’re not. And it took a viewing of the famous Star Trek episode called Mirror Mirror for me to best illustrate and articulate the difference between the creation and management of a user account and credentialed rights and the funneled applications that entity is allowed to see. For those unfamiliar with the episode, it’s the one where Kirk is transported into an

Identity-As-A-Service (IDaaS) is more important than ever

Conspiracy theorists and other concerned citizens will insist the government is watching every keystroke, keeping a record of every website, transaction, text and email. Shades of 1984’s Big Brother, right? These last few weeks, the news has been brimming with revelations of data surveillance and monitoring by the government (not to mention data harvesting corporations like Google, Yahoo, Facebook etc…). Everyone, including the security buffs at CloudAccess, is sensitive as to what is being looked at, stored, and analyzed for hazily defined purposes. Privacy is

Integrated provisioning and access: He said it was too good to be true

It’s no covert fact that my secret identity is that of a mild-mannered cloud security executive. And as such, I don’t try to directly promote or discuss any specific solutions my firm offers. However, I was showing a recent upgrade of an access and identity management integration to a CIO of a large medical management company and he offered up the best compliment I could hope for: “This is too good to be true.” What he was alluding to was the successful demonstration of a

Erasing the Identity Blind Spot

Security is not an all-or-nothing proposition. And that’s part of the problem. It creates blind spots; gaps in vulnerability. Partly because of the inherent complacency that after a company institutes a new security initiative that hackers will be held at bay, or the employees won’t be tempted to make off with a database or a hundred other internal or external threats. I have long promoted that security is as much about planning and process as it is about the various solutions that are deployed to

The Secret Sauce of User Provisioning

If you want the secret to user provisioning and de-provisioning in an enterprise setting, I’ll give you the one word answer, and then you can get on with the rest of your day… Integration. However, if you need to know why, how and with what…read on. The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper rights in…and all others out. Complicating matters is that there are so many users these days…employees, channel