How to Prepare for the DFARS Compliance Deadline: Part 1

If you do business with the Department of Defense (DoD), get ready! After a two-year extension, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is fast approaching—December 31 of this year.

Read More

Why You Need to Immediately Cut Data Access When Employees Leave



When your company parts ways with employees, are you able to immediately terminate all access to corporate data? If not, you’re opening the organization up to a very real danger.

Read More

Why SMS 2-Step Verification Won’t Keep You Safe

If you’re active with any online service, then you have probably gone through the process of SMS two-step verification, in which a company or app texts a one-time code to your phone as a way to verify you are who you say you are in order to access the service or reset a password. But have you ever stopped to consider how secure this method truly is?

Read More

CEOs: Get Everyone on the Same IAM Page


Properly managing cybersecurity risks demands that corporate leadership understands the full potential impact on your business—including reputational and legal risks. This starts with a dialogue about the security risks at your organization—how serious they are, how critical prevention and risk mitigation are, and how sophisticated attackers have become at stealing user credentials and breaching supposedly protected systems.

Read More

What Is Risk-Based Authentication?

As businesses onboard more mobile and remote employees, partners, contractors, and other external users, the volume of people needing access to critical systems and data grows exponentially. And while this increased connectivity provides tremendous operational and productivity benefits, it also creates new attack vectors for intruders and cybercriminals.

Read More

Identity Management Best Practices: Start with the Basics

Another year, another Verizon Data Breach Investigations Report (DBIR), another depressing look into the state of global cybersecurity preparedness.  

Read More

Research Shows It Only Takes 9 Minutes Before Stolen Information Is Purchased & Used

What happens when stolen personally identifiable information (PII) is made public? Recently, the Federal Trade Commission (FTC) attempted to answer this question by designing and conducting a study to track the use of stolen information.

Read More

Yes, You Should Be Concerned about Rogue Employees (and Here's Why)


In IT security, it’s often said that a company’s employees are its weakest link. As technology grows increasingly user-friendly, and the rules of digital “ownership” blur, rogue employees—those who don’t follow the standard IT security rules for one reason or another—are emerging as a significant threat to corporate security.

Read More

Our Thoughts on InformationWeek’s “Five Ways to Shine a Light on Shadow IT”


The term shadow IT conjures up images of a malevolent, invisible force that poses a threat to security policies. Sounds scary, right? While shadow IT does have the ability to create a bottleneck, it tends to occur in the most benign of situations.

Read More

How to Report on Your IAM System’s Success

At a certain point in your ongoing push to modernize security at your organization comes the moment of truth: time to present your initiatives, and your results, to your board of directors (BOD). In the past, you may have gotten by with little more than a cursory explanation, touching on little more than compliance issues, but in 2017, cybersecurity no longer flies under the BOD’s radar.

Read More

Subscribe Here!