Recent Posts by Scott Kortright

 
Scott Kortright has been a technology marketer for 20 years across a diverse set of industries and specializes in Technology Product Marketing and Sales Enablement. As Identity Automation’s Vice President of Marketing, Scott leads the company in the development, planning, and execution of strategic go-to-market, communications, and product marketing initiatives. He is an avid Syracuse Orange fan, doting father, border collie lover, and happy Blue Apron customer.

How to Prepare for the DFARS Compliance Deadline: Part 1

If you do business with the Department of Defense (DoD), get ready! After a two-year extension, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is fast approaching—December 31 of this year.

Read More

Why You Need to Immediately Cut Data Access When Employees Leave

When your company parts ways with employees, are you able to immediately terminate all access to corporate data? If not, you’re opening the organization up to a very real danger.

Read More

Privileged Access Management vs. Privileged User Management

The majority of major data breaches in recent years have resulted from hackers gaining access to unmanaged and unprotected privileged accounts and credentials.

Read More

Why SMS 2-Step Verification Won’t Keep You Safe

If you’re active with any online service, then you have probably gone through the process of SMS two-step verification, in which a company or app texts a one-time code to your phone as a way to verify you are who you say you are in order to access the service or reset a password. But have you ever stopped to consider how secure this method truly is?

Read More

CEOs: Get Everyone on the Same IAM Page


Properly managing cybersecurity risks demands that corporate leadership understands the full potential impact on your business—including reputational and legal risks. This starts with a dialogue about the security risks at your organization—how serious they are, how critical prevention and risk mitigation are, and how sophisticated attackers have become at stealing user credentials and breaching supposedly protected systems.

Read More

4 Ways Organizations Can Define Their Account Username Convention

Developing a company-wide account username convention as part of a company’s enterprise password management strategy is an important and challenging task. For organizations managing more than one set of credentials for their various systems and applications, a best practice is to consolidate all credentials into a single, enterprise-wide account username convention.

Read More

Why Your Organization Needs an Enterprise-Wide Account Username Convention

Is your organization using more than one account username conventions for your different systems and applications? If so, your organization isn’t alone. Since there is no one-size-fits-all naming convention, creating a single, enterprise-wide account username convention is easier said than done. However, using the right methodology, it is not only possible to create an enterprise-wide account username convention, but one that is an optimal fit for your organization.

Read More

What Is Risk-Based Authentication?

As businesses onboard more mobile and remote employees, partners, contractors, and other external users, the volume of people needing access to critical systems and data grows exponentially. And while this increased connectivity provides tremendous operational and productivity benefits, it also creates new attack vectors for intruders and cybercriminals.

Read More

Can Investing in IAM Save My Institution Money?


While the country as a whole has had more than seven years of recovery time since the Great Recession, many government agencies and institutions still find themselves struggling to fully mend. Across the U.S., many are still working to do more with less—a reality that is particularly true in public colleges and universities.

Read More

Enterprise Password Management: Mandatory Changes Out and MFA In

In enterprises around the globe, it’s becoming increasingly clear that implementing mandatory password changes is no longer considered best practice for securing key systems and data.

Of course, we’ve long known that passwords are a weak link in the security chain. Eighty percent of hacking-related breaches in 2017 leveraged either stolen passwords and/or weak or guessable passwords, according to the latest Verizon Data Breach Investigations Report.

Read More

Subscribe Here!