Articles about Identity Management

Identity and access management (IAM) is all about ensuring that the right people have the right access to the right resources and being able to prove that all the access is legitimate. But as those heavily involved in IAM know, that is much easier said than done. There’s a lot that goes into getting all of these elements "right."

First, you must set up the accounts that enable a user to get to the resources they need -- often called provisioning (and its dangerous sister, de-provisioning, when said user no longer needs that access). Second, in order for that account to grant the appropriate access, there has to be a concept of authorization which provides a definition for what is allowed and not allowed with that access. And third, there should be some way to make sure that provisioning and de-provisioning are done securely with efficiency and that the associated authorization is accurate -- i.e. everyone has exactly the access they need, nothing more and nothing less.

Continue reading →

Poor management of user accounts is leaving organizations open to security and compliance risks according to a new report.

Identity and access management specialist One Identity surveyed over 900 IT security professionals, in conjunction with Dimensional Research, and finds that what should be security best practices -- such as swift removal of access to corporate data and applications, dormant account identification, and role administration -- continue to be a challenge for many enterprises.

Continue reading →

Data breaches can often be traced back to weak or stolen credentials, add in a proliferation of systems in the cloud and increasing levels of mobile access, and protecting business systems becomes a major headache.

Independent identity provider Okta is launching its latest cloud-based Okta Adaptive Multi-Factor Authentication (AMFA) that makes two-factor authentication standard for every user.

Continue reading →

Enterprise identity management company SailPoint is using the Navigate '17 event to preview its new identity analytics solution, IdentityAI.

By adding analytics to SailPoint's existing open identity platform it will enable customers to improve their identity governance and mitigate potential threats.

Continue reading →

Increasing workforce mobility and the shift of systems to as-a-service models has meant greater need for a reliable means of controlling access and identifying legitimate users.

Identity management specialist SailPoint is launching a new service called IdentityNow Access Request that provides a simple, mobile-ready interface for delivering a self-service access request process to employees, contractors, and business partners. It's aimed at improving IT efficiency and reducing the risk of inappropriate access by consistently enforcing organizational access policies.

Continue reading →

Identity theft is a growing problem, but who is falling victim to online ID fraud, why is it still happening, and how can you protect yourself?

IT training specialist CBT Nuggets has carried out some research among more than 2,000 people in the US to find out, with some intriguing results.

Continue reading →

As we move into the tax return season a new study reveals that attitudes to identity theft and a pattern of poor practices are leaving much of the public vulnerable.

Data security and ID theft protection company CyberScout has carried out its second annual Tax Season Risk Report and finds 58 percent of Americans are not worried about tax fraud in spite of federal reports of 787,000 confirmed identity theft returns in 2016, totaling more than $4 billion in potential fraud.

Continue reading →

The use of the cloud and as-a-service software models is having a big impact on the way businesses operate, but just how is this shift playing out?

Identity management specialist Okta has collected anonymized data from its customers' networks around the world to create the third edition of its Businesses @ Work report looking at how organizations and the people who work for and with them get work done.

Continue reading →

Of companies that use two-factor authentication, 74 percent admit that they receive complaints about it from their users -- and nearly 10 percent of them just ‘hate it.’

This rather surprising information comes from a studty by access control company SecureAuth, carried out in conjunction with Amplitude Research, which surveyed 300 IT decision makers and cybersecurity professionals on industry perspectives and concerns over 2FA.

Continue reading →

Next month I return from my first—and hopefully last—summer sabbatical. I resume writing with a question for you: "When is stupidity fraud?" I ask because someone is using my gmail address to sign up for a humungous number of newsletters and websites. At first, I presumed someone trolled me. But that no longer appears to be the case. This guy, presumably living in North Carolina, either uses my address randomly to hide his identity, or he mistypes one that is similar. Given many of the services are for an unidentified widower looking for love, I assume the latter.

Behind my question are real concerns about identity and privacy that do not just apply to me. The email address gives me the ability to change the passwords and even cancel accounts—both of which I have done, treating his misuse of my email address as identity theft and violations of my privacy; after years of careful cultivation that reduced spam, crap is on the rise as this misuse spreads my gmail identity across dating and discount sites and sex webcams. Who knows on what mailing lists it will appear next.

Continue reading →

Digital device practices among US employees are exposing their employers to increased security risks according to a new study.

Identity management company OneLogin along with Arlington Research surveyed 1022 respondents in the US and found that 13 percent let their colleagues use a device that can access their employer's network. In addition nine percent allow their partners to access such a device, and one percent even permit their children to use it.

Continue reading →

New figures reveal a 52 percent rise in young identity fraud victims in the UK. In 2015, just under 24,000 people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures from fraud prevention service Cifas -- which is calling for better education about fraud and financial crime -- are released alongside a new short video designed to raise awareness of ID fraud among younger age groups.

Continue reading →

Since threats to enterprise systems often come from stolen or compromised credentials, managing user identity is a vital part of modern security.

Access control specialist SailPoint is announcing a plugin framework for its SailPoint IdentityIQ platform that will allow customers and partners to develop extensions to the core product features, so they can move towards a more identity-aware organization.

Continue reading →

Leveraging on possible opportunities on identity systems, Microsoft is looking into building a blockchain-based identity system and it has recently sealed a partnership to further this goal.

The tech giant has made an open source collaboration with companies Blockstack Labs and ConsenSys for their current Bitcoin and Ethereum-based identity solutions, together with various developers globally.

Continue reading →

According to a new survey 78 percent of organizations say that security outweighs cost savings and user experience when choosing identity management solutions.

The survey by access control specialist SecureAuth used responses from over 230 IT security professionals in the US and UK.

Continue reading →