Recent Posts by Scott Kortright

 
Scott Kortright has been a technology marketer for 20 years across a diverse set of industries and specializes in Technology Product Marketing and Sales Enablement. As Identity Automation’s Vice President of Marketing, Scott leads the company in the development, planning, and execution of strategic go-to-market, communications, and product marketing initiatives. He is an avid Syracuse Orange fan, doting father, border collie lover, and happy Blue Apron customer.

How to Prepare for the DFARS Compliance Deadline: Part 2




As discussed in our previous blog post, the December 31 deadline for complying with data security requirements in the Defense Federal Acquisition Regulation Supplement (DFARS) is looming.

Read More

How to Prepare for the DFARS Compliance Deadline: Part 1

If you do business with the Department of Defense (DoD), get ready! After a two-year extension, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is fast approaching—December 31 of this year.

Read More

Why You Need to Immediately Cut Data Access When Employees Leave



When your company parts ways with employees, are you able to immediately terminate all access to corporate data? If not, you’re opening the organization up to a very real danger.

Read More

Privileged Access Management vs. Privileged User Management

The majority of major data breaches in recent years have resulted from hackers gaining access to unmanaged and unprotected privileged accounts and credentials.

Privileged and services accounts are a significant risk because of the access they provide the user with access to an organization’s systems and data. These accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and backdoors that are not easily seen.

Read More

Why SMS 2-Step Verification Won’t Keep You Safe

If you’re active with any online service, then you have probably gone through the process of SMS two-step verification, in which a company or app texts a one-time code to your phone as a way to verify you are who you say you are in order to access the service or reset a password. But have you ever stopped to consider how secure this method truly is?

Read More

CEOs: Get Everyone on the Same IAM Page


Properly managing cybersecurity risks demands that corporate leadership understands the full potential impact on your business—including reputational and legal risks. This starts with a dialogue about the security risks at your organization—how serious they are, how critical prevention and risk mitigation are, and how sophisticated attackers have become at stealing user credentials and breaching supposedly protected systems.

Read More

4 Ways Organizations Can Define Their Account Username Convention

Developing a company-wide account username convention as part of a company’s enterprise password management strategy is an important and challenging task. For organizations managing more than one set of credentials for their various systems and applications, a best practice is to consolidate all credentials into a single, enterprise-wide account username convention.

Read More

What Is Risk-Based Authentication?

As businesses onboard more mobile and remote employees, partners, contractors, and other external users, the volume of people needing access to critical systems and data grows exponentially. And while this increased connectivity provides tremendous operational and productivity benefits, it also creates new attack vectors for intruders and cybercriminals.

Read More

Can Investing in IAM Save My Institution Money?


While the country as a whole has had more than seven years of recovery time since the Great Recession, many government agencies and institutions still find themselves struggling to fully mend. Across the U.S., many are still working to do more with less—a reality that is particularly true in public colleges and universities.

Read More

Enterprise Password Management: Mandatory Changes Out and MFA In

In enterprises around the globe, it’s becoming increasingly clear that implementing mandatory password changes is no longer considered best practice for securing key systems and data.

Of course, we’ve long known that passwords are a weak link in the security chain. Eighty percent of hacking-related breaches in 2017 leveraged either stolen passwords and/or weak or guessable passwords, according to the latest Verizon Data Breach Investigations Report.

Read More

Subscribe Here!