Mirror Mirror: the difference between Identity Management & Access Management

One of the biggest misconceptions in cloud security is the perception that identity management (IDaaS) and access management (SSO) are the same thing. They’re not. And it took a viewing of the famous Star Trek episode called Mirror Mirror for me to best illustrate and articulate the difference between the creation and management of a user account and credentialed rights and the funneled applications that entity is allowed to see. For those unfamiliar with the episode, it’s the one where Kirk is transported into an

Integrated provisioning and access: He said it was too good to be true

It’s no covert fact that my secret identity is that of a mild-mannered cloud security executive. And as such, I don’t try to directly promote or discuss any specific solutions my firm offers. However, I was showing a recent upgrade of an access and identity management integration to a CIO of a large medical management company and he offered up the best compliment I could hope for: “This is too good to be true.” What he was alluding to was the successful demonstration of a

A de-provisioning proverb: When a door closes, just make sure you don’t leave a window open

Earlier this week I attended a local cloud developers group, and I met a gentleman who consults with companies to engage in deep-dive forensic examinations of their networks. He looks for the virtual fingerprints of misdeeds, fraud, and misdoings that can be used for e-discovery in legal cases. He essentially gets down to the bits and bytes of how much information flows to certain IP addresses to ascertain whether or not proprietary data has been tampered with or stolen. He confirmed something that I long

When is a stack not a stack? When it’s unified in the cloud

While trawling the blogs, feeds and news I came across an analyst’s article about best security practices in which he kept referring to “the stack.” By this he meant a multitude of solutions that address certain security needs and capabilities: everything from email filtering and firewalling to authenticating, credentialing, logging and intrusion detection. And, if you read my blogs often enough, you know I am a big proponent of unified security. However, unified security is not a stack. It is easy to be confused

The Genie, The Bottle and BYOD

It’s safe to say the genie is out of the bottle. More and more employees (and other credentialed users) are using their own smartphones, tablets and other personal devices, and there’s little to nothing IT can do about it…or is there? In the past weeks I’ve written about BYOD and password management, but I want to approach the subject from a slightly different perspective. Administering access management and identity management from the cloud is a cost-effective and nearly-instantaneous way to quickly create, manage and