The goal of achieving compliance is to make sure that an organization is meeting minimum standards to protect sensitive data. In order to be compliant, a business needs only to meet the outlined requirements.

However, this does not mean that its systems and data are secure. Unfortunately, there are companies that treat compliance merely as a checkbox. Even when the minimum standards are met, data and accounts with elevated access are still vulnerable. Instead, achieving compliance should be viewed as the by-product of sound security practices. This starts with protecting the attacker’s most sought-after prize: privileged accounts with elevated access across the network.

In the first installment in this blog series, we looked at the many trends in the business landscape today (digital transformation, a changing workforce, and the shift to cloud IT infrastructures, among others) that are driving the need for a more comprehensive and integrated IAM solution. In our second blog in this series, we will take a look at why evolving regulatory and threat landscapes, combined with shrinking IT budgets, have necessitated more robust, modern IAM solutions.

When you hear about retail establishments suffering from a data breach, names like Neiman Marcus, Target, The TJX Companies, Michaels, and The Home Depot dominate the headlines. When you read these news stories, it might appear as if cyber criminals are only going after the big fish. Unfortunately, this might lull small and mid-sized businesses into thinking that they are not likely to be the targets of such an attack. This is supported by recent research that shows that more than three-quarters of all SMBs believe that they are safe from to cyber attacks.

The truth is, small and medium sized retailers make up 62 percent of the data-breach victim pool, because attackers know that small and mid-sized businesses are:

In Part 1 and Part 2 of my series on the value of identity, we looked at the consequences of revealing excessive personal information in public, more specifically the digital realm, can have on the individual and an organization. We saw that hackers can use the information you reveal on social media and the internet not only to impersonate and steal your identity, but to even infiltrate and take control of your company’s network. 

According to the new 2016 Verizon Data Breach Investigations Report (DBIR), legitimate user credentials were used in most data breaches, with some 63 percent of them using weak, default, or stolen passwords. This may come as some surprise to businesses that are not yet victims of such breaches as they continue to utilize homegrown, piecemeal, or legacy identity access management (IAM) solutions. While your CIO is focused on perimeter defense, your challenge is to shift this focus to the need for a more robust, modern, and integrated IAM solution, which is easier said than done.

In Part I of our “Building Web Services with RapidConnect” series, I described how to create a simple Web Service using RapidConnect.  To summarize, any RapidConnect action set results in having a new Web Service API method. The primary benefit is that users are limited only by imagination and available data to build powerful Web Services to use.

As you may have heard, we recently announced that we have become an Affiliate Member of the IMS Global Learning Consortium. 

The OneRoster standard is a subset of the Learning Information Services standard that focuses on the school’s needs to exchange roster information and grades. 

In my recent post, I discussed how in today’s world, identity is ubiquitous – it reaches into almost everything we touch, while identity theft and fraud have become near constant topics in the news.

Recently, our CEO, James Litton sat down with the South Texas chapter of ISSA as part of the organization's podcast series on cybersecurity. Their conversation covered a wide range of security and identity and access management (IAM) topics, including identity and the Internet of Things, the future of passwords, contingent workers, IAM and the cloud, and much more.

Over the past two decades, my work in information technology has exposed me to home end users, as well as corporate environments of every shape and size, throughout most sectors of the industry. These experiences have provided a unique perspective into the struggles that individuals and organizations face regarding personal information and proper user identity and data management.