Mobile Search Mobile Menu

By Abhi Yadav

The Lifecycle Management Opportunities of a Data Breach (Part 3)

This is our third in a series of commentaries on minimizing the risk of becoming the next front page news story on data breaches. Identity lifecycle management is one of the most critical parts of a security and identity and access management program.  Identifying the assets and setting a baseline for acceptable risk needs to […]

By Abhi Yadav

Managing the Keys to the Kingdom – Privileged/Shared Accounts (Part 2)

This is our second in a series of commentaries on minimizing the risk of becoming the next front page news story on data breaches. Privileged and Shared Accounts are some of the most critical assets to manage in an organization since they provide broad access to systems and sensitive corporate and state information. Privileged Accounts […]

By Abhi Yadav

Ensuring You Don’t Become the Next Data Breach Story (Part 1)

Recent headline Cyber Crimes at major retailers, health insurers, and even US Government agencies suggest that those involved were not necessarily performed by criminal masterminds, but rather by individuals that at one time had been properly credentialed to access systems or by individuals that were simply exploring open doors to identify vulnerabilities,. As information technology […]

By Abhi Yadav

Controlling the Core

Regardless of whether an application solution suite is hosted on premise, in the cloud or some combination of the two, someone somewhere still needs to access server space to perform the basic functions of installation, configuration and maintenance. Of course in cloud space this may be somebody else’s problem while in on premise space the […]

By Abhi Yadav

Simeio IO: The Power of One

One of the more challenging aspects of Identity and Access Management (IAM) is also one of the more routine: the day-to-day management and monitoring of accounts, such as access requests and certifications, provisioning, federation (SSO), application onboarding, security and risk intelligence and privileged access management. What makes these tasks so challenging is the number and […]

By Abhi Yadav

Part 1 – IAM Program: Guidelines for Success

It is no surprise that many IAM initiatives fail. An enterprise-wide Identity and Access Management initiative, by nature, is complex. It deals with so many facets of an organization such as IT, security, infrastructure, internal and external facing customers, vendors, partners and service providers, etc. In addition, it also deals with a multitude of services […]

By Abhi Yadav

IAM Virtualization

In IT today, there’s a growing use of virtualization: using a virtual — rather than an actual — version of an IT device, system or resource. Virtualization is commonly used for storage, networks and databases, but perhaps the most well known example is hardware virtualization used by Infrastructure-as-a-Service (IaaS) providers such as Amazon or Rackspace. […]

By Abhi Yadav

Of Sticky Notes, Shared Credentials and Hard Coded Passwords…

Whether you’re in a small business, a not-for-profit organization or large commercial enterprise, it’s virtually a guarantee that you are connecting to technologies that require a logon ID and a password. If there’s more than one person in your organization, it’s also likely there’s at least one password that’s shared among your team. Passwords themselves […]

By Abhi Yadav

Four Key Steps to Limit Vendor Risk

Every business relies on vendors. The efficiency and specialized expertise they offer make the business proposition too compelling for any organization to ignore. But along with that expertise and efficiency comes risk. To do their jobs, vendors need access to your internal resources – and often very sensitive resources. This opens the door to a […]

1 2 3