Can Investing in IAM Save My Institution Money?

While the country as a whole has had more than seven years of recovery time since the Great Recession, many government agencies and institutions still find themselves struggling to fully mend. Across the U.S., many are still working to do more with less—a reality that is particularly true in public colleges and universities.

Read More

Enterprise Password Management: Mandatory Changes Out and MFA In

In enterprises around the globe, it’s becoming increasingly clear that implementing mandatory password changes is no longer considered best practice for securing key systems and data.

Of course, we’ve long known that passwords are a weak link in the security chain. Eighty percent of hacking-related breaches in 2017 leveraged either stolen passwords and/or weak or guessable passwords, according to the latest Verizon Data Breach Investigations Report.

Read More

Why Most Identity Management Software Can’t Handle Transient Users at Scale


While every business faces some level of transience in its operations—namely employee or customer churn—community colleges, by the nature of their business, face the issue on a massive scale. For example, At Lone Star College, the nation’s third-largest higher-education system, up to 40 percent of the schools’ 100,000 students are transient users.

Read More

Single Sign-On vs. Full-Featured IAM Systems: Which Is Right for You?


When we engage with a new IT team and ask how they are currently managing user identities and access, more often than not, they simply point to a single sign-on (SSO) portal. This inevitably prompts a clarifying discussion around the meaning of SSO.

Read More

The Many Flavors of IDaaS: Choosing the Right One for Your Organization


In previous installments of this series, we discussed the emergence of Identity as a Service (IDaaS) and the benefits it offers. We also cleared up some of the most common misconceptions surrounding IDaaS. Now that you have a better understanding of the technology and its potential, let’s examine the most common IDaaS models, so that you can choose the right one for your organization.

Read More

The 2 Most Common IDaaS Misperceptions


In our last post, we discussed some of the most compelling reasons for adopting identity and access management (IAM) in the cloud. Like most other cloud services, identity as a service (IDaaS) offers cost-effective, high availability and affordable scalability. However, as you consider the possibility of moving from your legacy, on-premises IAM system to the cloud, it’s vital that you begin with a clear understanding of common misperceptions that haunt the emerging IDaaS market; here are the two biggest ones:

Read More

Single Sign-On vs Reduced Sign-On - IAM Explained


Whenever I am involved in the initial discovery phase of an Identity and Access Management (IAM) project, the term Single Sign-On (SSO) always comes up. SSO is often desired or a hard requirement of customers, which inevitably prompts a clarification discussion around just exactly what SSO means to them.


The customer’s definition of SSO is usually something along the lines of “customers have one set of login credentials for all of their web applications instead of a different set for each.” For example, a single “scarter” account and password can get me access to Salesforce and Google Apps versus having a separate “scarter1” account for Salesforce and then an “scarter2” account for Google Apps.  

However, this interpretation of what SSO means is actually only half correct.

Read More

5 IAM Metrics That Every Retail Organization Should Be Tracking

The easiest way to show success is through tangible measurement. When you roll out a new project or implement a new system, you can say that you think it’s working, but without evidence, you really can’t be sure. That is why metrics are so important to a business. Metrics enable an organization to know if productivity is up or if costs are down. They can also measure whether security has improved and identify opportunities to enhance processes. These reasons are precisely why it is so crucial to track identity and access management (IAM) metrics.

Read More

Why Most Enterprise Password Management Policies Fail

From the massive Target data breach in 2013 to the Wendy's, UC Berkeley, IRS, and U.S. Department of Justice breaches of 2015 and 2016, today's enterprise exists in a security minefield in which a single misstep could lead to a massive breach and public blowout. As IT departments shutter and make sure to shore up their perimeter security, unfortunately, many overlook the fact that it was actually legitimate user credentials that were used in most 2016 data breaches, with some 63% being the result of weak, default, or stolen passwords, according to the new Verizon Data Breach Investigations Report (DBIR). These results drive home the point that passwords are the weakest link in the security chain and malicious intruders know it.

Read More

Don't Stop at Single Sign On

There is no doubt that single sign-on (SSO) capabilities are an important part of any identity and access management (IAM) solution. SSO reduces user frustrations by eliminating the need to keep a list of separate login credentials for individual applications and lowers support costs by helping to reduce the amount of time IT spends addressing login issues and resetting forgotten passwords. Single sign-on can also be utilized for documenting user account activity.

Read More

Subscribe Here!