Corporate Governance is More Than a Good InfoSec Policy

*Disclaimer: This article originally appeared on IDG Connect

Over the past few years, Governance, Risk, and Compliance (GRC) have become three of the hottest topics in Information Technology circles. The growing demand for compliance with federal and state laws, as well as industry best practices, has necessitated a closer look at IT governance, as well as solutions that help to ensure an organization has invested their time and efforts wisely, through management and implementation of such technologies as access control, data protection, and identity provisioning and management. Proper design, application, and usage of these key technologies (and others) help to control necessary risk management activities and ease the efforts that are required to remediate or address areas where compliance is lacking. 

Read More

6 Things Schools Can Do to Ensure Student Data Privacy

*Disclaimer: This article originally appeared in eSchool News

Student data privacy is quite a different topic from the headlines most people read concerning data breaches. It is not about malicious intruders hacking or stealing credentials to get into a system to steal corporate intellectual property or records to sell on the dark web. Student data privacy concerns, specifically, center on the misuse of personally identifiable information, known by its acronym PII.

Read More

Compliance Must Become More than Earning a “Participation Trophy”



One of the most concerning trends for 2016 seems to be "Another day, 
another healthcare data breach." Breaches are becoming an all too regular occurrence and not just among healthcare providers. Retailerscredit and financial institutionsentertainment giants, and even governmental agencies are falling prey to the hackers, and in many cases are allowing access to very private customer data, at an alarming rate.

Read More

Beyond Compliance with Privileged Access Management


The goal of achieving compliance is to make sure that an organization is meeting minimum standards to protect sensitive data. In order to be compliant, a business needs only to meet the outlined requirements.

However, this does not mean that its systems and data are secure. Unfortunately, there are companies that treat compliance merely as a checkbox. Even when the minimum standards are met, data and accounts with elevated access are still vulnerable. Instead, achieving compliance should be viewed as the by-product of sound security practices. This starts with protecting the attacker’s most sought-after prize: privileged accounts with elevated access across the network.

Read More

Making the Case to Your CIO to Upgrade Your IAM System, Part 2

In the first installment in this blog series, we looked at the many trends in the business landscape today (digital transformation, a changing workforce, and the shift to cloud IT infrastructures, among others) that are driving the need for a more comprehensive and integrated IAM solution. In our second blog in this series, we will take a look at why evolving regulatory and threat landscapes, combined with shrinking IT budgets, have necessitated more robust, modern IAM solutions.

Read More

Is Access Certification Needed?

Are you using access certification to remove access once it’s no longer needed? Do you find the access certification process to be inefficient and tedious?

Read More

Subscribe Here!