Data Breach
What a 3 Year Old can teach us about Information Security
It’s often said that children are born negotiators. They possess a natural ability to try to get what they want though trade-offs, attempting to only do something if they get something in return. It’s less said though that children are born Information Security specialists. Surprising you might think – afterall, as marvellous as the human…
Active Directory and the Problem of Privilege
A quick scan through your daily email or favorite news site brings news of yet another data breach, inevitably brought on by either a mysterious hacker, organized cyber-criminal group or even a malicious insider. What do all of these identities have in common? In more and more cases, these identities have gained and misused privileged…
Using Derived Credentials for Multi-Factor Authentication in Government Agencies
The rise of mobility in the workplace is prompting government agencies to investigate using multi-factor authentication for access to applications while maintaining compliance to Homeland Security Presidential Directive 12 (HSPD 12). Issued in 2004, this directive mandates common identification standards for federal employees and contractors. Among other security measures, HSPD 12 resulted in the use…
Using Identity-Powered Security to Close the Intelligence Gap
In the world of physical security, officers and guards are trained to set a baseline. This baseline tells them what is normal for the time and place. Sitting quietly and drinking coffee is normal for a coffee shop, while leaping and screaming may be normal for a rock concert. With this baseline, security professionals can…
Keep Your Friends Close, Your Insiders Closer…
No organization is immune from a data breach. The fact is, your organization probably already has been breached. A new survey from the CyberEdge Group and NetIQ shows you just where IT teams are finding the security vulnerabilities that can lead to breaches and audit findings. The good news is it’s not hard to find…
Managing Security Complexity with Identity-Powered Solutions
Identity defines who you are and what you do. But identity isn’t static—especially when it comes to IT. User identity can change and be manipulated, which introduces significant challenges for IT security teams. Multiple major data breaches made headlines in the past 18 months alone, and unless security teams start to focus on identity, they…
The Real Security Gap: Users
Enterprise IT teams use perimeter technologies like firewalls and intrusion detection to defend against potential attacks on sensitive information. They provide an ocean of data that security teams must wade through. IT security teams work to respond, but because of the information deluge they receive from their defensive technology and log analyses, it can be…
Human Error and IT: The Security Perspective
It’s impossible to tell with any precision if human error in IT is increasing, or decreasing. However, there is plenty of incidental data in the breach headlines of today to support the fact that human, or insider, error is prevalent – and not going away anytime soon. The Hack Heard Round the World For example,…
Playing Pitfall! with Enterprise Mobile Identity
Over three decades ago, the game Pitfall! came out for the Atari game console. In it, you control a character named Pitfall Harry, swinging over pits and crocodiles, avoiding fire, scorpions and many other dangers in the jungle while racing to gather treasure. The world is just as rife with dangers to your mobile enterprise…
All That, and a Bag of Chips: the Weakest Link in the System
Last week, a major financial institution in the US revealed that over 76 million households and seven million small businesses were compromised. The hackers don’t appear to have gained access to personally identifiable information, there’s no evidence that account information was taken, nor is there evidence of fraud. But it’s impossible not to worry about…
