Identity Automation Blog

Stay up to date with all of the latest news and events.

Scott Kortright has been a technology marketer for 20 years across a diverse set of industries and specializes in Technology Product Marketing and Sales Enablement. As Identity Automation’s Director of Marketing, Scott leads the company in the development, planning, and execution of strategic go-to-market, communications, and product marketing initiatives. He is an avid Syracuse Orange fan, doting father, border collie lover, and happy Blue Apron customer.

With an incredible 95 percent of organizations already using the cloud in some fashion, it’s no surprise that there is an endless stream of advice on how to achieve a successful cloud migration.

In IT security, it’s often said that a company’s employees are its weakest link. As technology grows increasingly user-friendly, and the rules of digital “ownership” blur, rogue employees—those who don’t follow the standard IT security rules for one reason or another—are emerging as a significant threat to corporate security.

The term shadow IT conjures up images of a malevolent, invisible force that poses a threat to security policies. Sounds scary, right? While shadow IT does have the ability to create a bottleneck, it tends to occur in the most benign of situations.

At a certain point in your ongoing push to modernize security at your organization comes the moment of truth: time to present your initiatives, and your results, to your board of directors (BOD). In the past, you may have gotten by with little more than a cursory explanation, touching on little more than compliance issues, but in 2017, cybersecurity no longer flies under the BOD’s radar.

By this point in our series on security and the CEO, it should be clear that security isn’t just a technological issue. It’s a cultural one, and you must improve your organization’s security culture, as well as its security processes and technologies. To accelerate your digital transformation, security must become part of your company’s very DNA. That’s where the CEO comes into play.

In 2017, ransomware, the use of weaponized encryption to block access to a computer system or service until a ransom is paid, is all the rage among hackers. In fact, ransomware is now one of the top three most common malware threats.

The situation is dire, with hackers requesting ransoms of up to $73,000 per attack. Ransomware payments totaled more than $1 billion in 2016, a massive jump from the mere $34 million paid in 2015.

A specter is haunting your business—the specter of shadow IT. It’s circumventing your security policies, compromising your data sovereignty, and costing you money. It lurks on your networks, on your employees’ computers and devices, on your servers, and in the cloud. Ever-present and always out of sight…or, at least, that’s how it sounds.     

At this stage in your efforts toward modernizing your company’s information security program, it’s time to move beyond education and dialogue into more concrete action. By following these seven steps, you can pave the way toward a more secure future for your organization.

Now that your C-suite understands your company’s information security program, it’s time to move further into the educational phase.

As you evaluate and prioritize the risks your organization faces, identity and access management (IAM) should become a clearer and clearer priority. To help you educate your CEO on the need for increased investment in modern IAM solutions, here is some key IAM terminology that you can use as you work to transition your company to a more modern strategy.  

College and university IT teams are struggling with technical limitations that make it difficult to comply with evolving preferred-name policies—at least in a timely or automated manner—across a more complex digital environment. While it may seem like a student name change is a relatively easy task for an IT department, at the most recent EDUCAUSE annual conference, multiple schools expressed questions, concerns, and challenges regarding their ability to deal with preferred name changes in directory systems and downstream applications.