Common Account Username Convention Fails

Developing a single account username convention that meets all your organization's requirements and will work for both current and future users? Well, that's easier said than done—much easier said than done.

Read More

Why Your Organization Needs an Enterprise-Wide Account Username Convention

Is your organization using more than one account username conventions for your different systems and applications? If so, your organization isn’t alone. Since there is no one-size-fits-all naming convention, creating a single, enterprise-wide account username convention is easier said than done. However, using the right methodology, it is not only possible to create an enterprise-wide account username convention, but one that is an optimal fit for your organization.

Read More

Identity Management Best Practices: Start with the Basics

Another year, another Verizon Data Breach Investigations Report (DBIR), another depressing look into the state of global cybersecurity preparedness.  

Read More

Our Thoughts on InformationWeek’s “Five Ways to Shine a Light on Shadow IT”


The term shadow IT conjures up images of a malevolent, invisible force that poses a threat to security policies. Sounds scary, right? While shadow IT does have the ability to create a bottleneck, it tends to occur in the most benign of situations.

Read More

Executive Action Plan: 7 Steps to an Information Security Program

At this stage in your efforts toward modernizing your company’s information security program, it’s time to move beyond education and dialogue into more concrete action. By following these seven steps, you can pave the way toward a more secure future for your organization.

Read More

CEOs Must Understand Your Information Security Program


In the first installment of our series on security and the CEO, we discussed the dangerous disconnect between the rosy view of security held by the C-suite and the much grimmer reality seen in the trenches of IT. Today, we’re going to talk about the consequences of executive overconfidence in your information security program.

Read More

IAM Explained - Configuration, Customization, or Out of the Box?


When organizations start or plan to start a new IAM initiative, one of the first steps they take is some form of requirements gathering. The idea is that the requirements represent the functional and nonfunctional (IAM) needs of an organization. Then, typically through some form of procurement, the organization attempts find a solution/service/product(s) that best aligns with those requirements.

Read More

Beyond Compliance with Privileged Access Management


The goal of achieving compliance is to make sure that an organization is meeting minimum standards to protect sensitive data. In order to be compliant, a business needs only to meet the outlined requirements.

However, this does not mean that its systems and data are secure. Unfortunately, there are companies that treat compliance merely as a checkbox. Even when the minimum standards are met, data and accounts with elevated access are still vulnerable. Instead, achieving compliance should be viewed as the by-product of sound security practices. This starts with protecting the attacker’s most sought-after prize: privileged accounts with elevated access across the network.

Read More

Subscribe Here!