Cyber Attackers Are Increasingly Targeting Organizations Through Third Party Acces


What do Home Depot, Target, Jimmy John’s, Wendy’s, Scottrade, Gmail, and the National 
Security Agency have in common? Each has suffered a high-profile data breach related to third-party access in the past five years. It’s clear: Many organizations, across industries, are failing to put the necessary security measures in place to prevent or minimize the identity and access risks associated with third-party access.

Read More

Our Top Enterprise IAM Blogs in 2017


Another year, another look back at our top blogs! 2017 produced our our most read blog to-date, RBAC vs ABAC Access Control Models - IAM Explained. And from common Multi-Factor Authentication (MFA) terms and factor types to the top challenges and benefits, we also saw great readership on many of our MFA-related articles.

Read More

New RapidIdentity Product Capabilities Released in Fall 2017


At Identity Automation, we are continuously releasing new product capabilities for our RapidIdentity Identity and Access Management (IAM) solution. We’ve had a few releases this fall and wanted to make our customers aware of key capabilities that have been released over the past several months.

 

Read More

The Inherent Risks of Remote Third-Party Access

Businesses today are increasingly reliant on third parties, such as contractors, contingent workers, and vendors. And while these third parties enable organizations to decrease operational costs and increase productivity and agility, it also means greater numbers of external users need remote access to internal networks and sensitive corporate resources and data.

Read More

Meeting the DFARS MFA Requirements—What You Need to Know

As we noted in two previous blog posts, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is Dec 31, 2017.

In one post, we explained the basics of the DFARS data security rules, and in the other we explored the “14 families” of security measures outlined in National Institute for Standards and Technology Special Publication 800-171 (NIST SP 800-171). 

Read More

How to Overcome the Security Hate Factor when Implementing MFA

While best practice security policies and technology help to better secure an enterprise’s critical systems and data,  the added disruption, inconvenience, and effort required by this stepped-up security often create real headaches and bad feelings toward the new policies and technologies.

This is described as a “general hatred of security,” by Mike Pinch, the chief information security officer at University of Rochester Medical Center (URMC), in a presentation to the URMC Security Council.

Read More

University Security: Implications of BYOD Policies - Part 2

Bring-your-own-device (BYOD) policies are now a necessity for universities and colleges across the country. In Part 1 of this series, we covered the positives and negatives of BYOD, as well as the security implications of such policies. In this post, we’ll go over how to easily implement secure BYOD using a modern identity and access management (IAM) platform.

Read More

Why Are Flexible Authentication Policies Important in Today's Environment?

Gone are the days of your employees working a standard nine to five from within company walls. Today, employees often work remotely—from different devices and at all hours of the day.

Read More

Why SMS 2-Step Verification Won’t Keep You Safe

If you’re active with any online service, then you have probably gone through the process of SMS two-step verification, in which a company or app texts a one-time code to your phone as a way to verify you are who you say you are in order to access the service or reset a password. But have you ever stopped to consider how secure this method truly is?

Read More

What Is Risk-Based Authentication?

As businesses onboard more mobile and remote employees, partners, contractors, and other external users, the volume of people needing access to critical systems and data grows exponentially. And while this increased connectivity provides tremendous operational and productivity benefits, it also creates new attack vectors for intruders and cybercriminals.

Read More

Subscribe Here!