09/17/2010 |
Enterprise Single Sign-On
While the fear of leakage of sensitive data is on the minds of all IT security professionals and executives, there are no easy solutions for this enormous problem. Recommendations include developing a data security plan (which few have), and focusing first on protecting the structured data in one (or a few) key databases. Before buying add-on security solutions, delegates are
05/04/2009 |
Enterprise Single Sign-On
Role Based Access Control (RBAC) is the practice of allowing a user/identity admittance to the location of pertinent data through a defined organizational function as determined by the administrator. Instead of assigning permissions to an individual, the permissions would be assigned to a specific role or job description. A role is created for different job functions within a
03/02/2009 |
Enterprise Single Sign-On
Over the past few years, PCI has been one of the most talked about compliance subjects in information security. During that time, IANS has facilitated and engaged in discussions with hundreds of information security professionals about PCI.
11/07/2007 |
Enterprise Single Sign-On
Overview
Security managers are getting better at assigning quantitative values to threats. It’s a skill they must develop as they seek to prioritize among hundreds of patches; explain vulnerabilities in terms upper management can grasp; and determine which groups, applications, and workstations must be patched before all others.
As IT Security’s clout grows, the prospect of
11/07/2007 |
Enterprise Single Sign-On
Overview
Identity management and access control is messy, and few Delegates have actually implemented large-scale programs. Most organizations have a host of directories acting as identity stores from which access can be managed, and often they do not communicate with each other. Integrating legacy and custom applications into an access control system can be time-consuming and
06/20/2007 |
Enterprise Single Sign-On
The 2007 New York Metro Information Security Forum is the Institute’s 30th two-day, end-user event. To open each forum, the Institute’s Managing Partners share with the assembled delegates their view on the current state of the IT security profession based on interactions with end-users at prior Institute events.
11/14/2006 |
Enterprise Single Sign-On
Overview
Regulatory compliance and audit requirements are major drivers for Identity Management projects. Because these are subjects dear to the heart of upper management, this can help make funding available. But because of the complexity and the number of people, departments, and applications an ID Management project will touch in an organization, projects often must be scaled
11/07/2006 |
Enterprise Single Sign-On
Industry: Healthcare
Solution Provider or Product: IBM Tivoli Identity Manager
Background Info/Context: This major non-profit healthcare provider with more 11 million customers in four states was centralizing its IT program. Access management is a major component of that program. Outside access for customers was not included in the IT program, but a way was needed to standardize
09/18/2006 |
Enterprise Single Sign-On
Overview
The elephant in the room for identity management and access control is that the challenges often are more about people and processes than technology. About half of the Delegates were in the early stages of an identity management program, but none had implemented identify management products.
One of the problems is that automating current business processes offers few
09/18/2006 |
Enterprise Single Sign-On
Overview
Delegates spoke of their ongoing efforts to evaluate tools, products, and solutions for information protection; most evaluation efforts are still decidedly underway. Hence Delegates were especially interested to know which products others had tried, found successful, or opted not to use. They also wondered what today’s tools actually provide, and which features are still
Next Event
Space is limited, reserve your spot today