The breaches of Hollywood Presbyterian Medical Center and the United States Office of Personnel Management (OPM) have been hot topics in the last month. Hollywood Presbyterian because it’s so fresh in our minds and the OPM because of the fallout resulting from it, including House Oversight Committee hearings and the (forced) resignation of its CIO.

Last week, I wrote a post about how with the proliferation of the Internet of Things, “things” within an organization - those smart connected devices that are able to think on their own - will emerge as insider threats in the future. At the end of that post, I said that things will eventually become another identity we will have to secure and manage.

In the past, we’ve talked a lot about rogue employees and how they pose an internal threat to organizations if their identities aren’t properly managed. Last month, Troy discussed them again, building on our rogue employee archetypes by adding a few others to the list.

Yet as the Internet of Things continues to grow from a concept into something more tangible, I can’t help but think that “things” could eventually pose an internal threat to organizations as well.

The Internet of Things (IoT) has become a very popular topic with the media and bloggers over the past few years. When it’s discussed, it’s typically in association with consumer devices, an aspect I never gave much thought to until last week when I was discussing the 2013 Target breach, and this post from Brian Krebs in particular, with a colleague.

To say that the Internet of Things (IoT) has been a hot topic lately would be an understatement. Over the last few years, talk about IoT has rocketed from zero to a hundred, and has created a growing number of eager early adopters who want to take shiny, new IoT devices home with them right now. At the same time, some businesses have already started dipping their toes into the IoT lake. However, like many technologies ahead of their time, the increase in the number of IoT devices is quickly outpaced by the number of ways they can be breached by cyber criminals.

A few years ago, North Carolina’s Department of Public Instruction (NCDPI) selected Identity Automation to build a cloud identity platform to manage all its users in all its public schools. Each student, teacher, staff member and administrator at every K-12 public school would be using the platform to access all the state provided applications and programs they needed to use on a daily basis.

Digital tools are as critical to student learning today as pen and paper ​have been in the past. We at Identity Automation support the addition of the Enhancing Education Through Technology ​bill ​to the Elementary and Secondary Education Act​ (ESEA)​.​ This bill would ensure a dedicated and well-funded tech program would be part of the revised ESEA.​ The​ effort ​to make this revision ​is currently led by Senator Tammy Baldwin (D-WI) and Senator Lamar Alexander (R-TN) and is up for a vote later this afternoon. 

Joining over 100 corporations including Apple, Google, Khan Academy, and Microsoft, we are pleased to support Student Privacy Pledge in their mission to safeguard the privacy of students in grades K through 12.

Identity Lifecycle Management is a function that occurs in all organizations but is usually a manual process at best. Many organizations are being driven to implement processes to automatically curtail user access based on their role within the organization and to automatically revoke that access upon termination.

We have all heard the stories about businesses struggling to stay viable as we deal with the current economic slump. A topic that has been of particular interest to many of our existing and prospective customers in recent months has therefore been cost reduction. While the Identity Management space covers a lot of ground, one particular area that can have a big impact on cost is Password Self Service.