Entries by Howard Mahoney

Why All The Emphasis On Insider Threats? Three Reasons:

1. Insider security risks are more prevalent and potentially more damaging. According to a study conducted by the Ponemon Institute, 34% of data breaches in the U.K., come from malicious activity, including criminal insiders, and 37% of breaches come from employee negligence. A previous Ponemon study indicated that a third of malicious attacks come from […]

Recertification Health Check – 6 Steps

The regulatory push toward formal recertification of entitlements and privileges finds many enterprises in new compliance territory. PathMaker Group Chief Architect Jerry Castille shares six critical best practices to ensure strong governance. 1) Identify Target Applications: Collecting an inventory of applications that fall within the scope of a certification campaign’s requirements is the first step in […]

Compliance or Agility? (Why Not Both?)

The increasing number of disclosed security breaches has recently shifted the public’s attention away from compliance. While no longer a hot topic in the news, compliance is still a major focus for enterprises. However, most CIOs aren’t measured on how compliant the business is – their success is measured in how much value they bring […]

Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution – Blog 5 of 6

5. Robust Access Policies and Multi-factor Authentication (MFA)   Today you live with the risks of users accessing many more services outside the corporate network perimeter as well as users carrying many more devices to access these services. Users have too many passwords and the passwords are inherently weak. In fact passwords have become more […]

Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution – Blog 4 of 6

4. Mobile Access Management Mobile has become the de facto way to access cloud apps requiring you to ensure security and enable functionality of users devices. This includes deploying appropriate client apps to the right device and ensuring an appropriately streamlined mobile experience. Unfortunately, most existing Identity and Access Management as a Service (IDaaS) solutions […]

Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution – Blog 3 of 6

3. Complete App Access Lifecycle Management When a user is new to the organization or takes on a different role within the company, an IDaaS solution should make it easy — and automatic — for you to provision users to cloud or on-premises apps with automated account creation, role-based license and authorization management, single sign-on, […]

Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution – Blog 2 of 6

2. Identity Where You Want It An IDaaS solution also needs to be flexible, providing robust access to corporate identities managed on-premises (e.g., Active Directory or LDAP), a directory service in the cloud for non-AD users such as partners or customers, and when appropriate, a hybrid of the on-premisesand cloud directories. This is in stark […]