06/14/2011 |
Passwords
In the wake of news of breaches at defense contractor Lockheed Martin, RSA, The Security Division of EMC acknowledged the link between information compromised in a widely publicized breach in early 2011 and the SecurID hard tokens used to secure access to Lockheed systems. Client is looking to evaluate the need to replace a fleet of SecurID tokens, what alternatives exist, and
07/31/2007 |
Passwords
Responding to recent FFIEC guidance around multi-factor authentication, The Institute for Applied Network Security (IANS) convened a working group of IT Security leaders to establish a baseline of identity management practices among thought leading organizations. Specifically, the working group focused on the current multi-factor authentication solutions deployed today, as well as
09/18/2006 |
Passwords
Overview
Integrating identity management and access control technology with other applications and systems puts a premium on interoperability. This gives an advantage to large vendors that can field suites and large solutions rather than smaller, more nimble players with point solutions that must be integrated. Major players in the suite field include BMC Software, Computer
09/18/2006 |
Passwords
Title: Nontraditional Authentication Methods: What is Adequate Identification and Authentication?
Industry: Education (a university professional development program)
Solution Provider or Product: N/A
Background Info/Context: The presenter is director of a university’s Information Assurance Education Program, designed for working security professionals who are preparing for
07/19/2006 |
Passwords
Overview
The goal of access control is to automate the processes of managing organizational identities and provisioning
and deprovisioning access rights, which requires technology. But the consensus of Delegates is that while
technology is necessary, the key issues are essentially management, policy, and processes rather than
technical. Automating flawed processes only lets you
05/23/2006 |
Passwords
Industry: Oil field services
Solution Provider or Product: Homegrown smart card system
Background Info/Context: This company has 55,000 employees of 140 nationalities in 100 countries, many of them working in remote sites providing services for major oil companies. It also previously manufactured smart cards. Identity management under these conditions was a difficult job.
Problems
05/23/2006 |
Passwords
Industry: Health care
Solution Provider or Product: IBM Tivoli Identity Manager
Background Info/Context: This is a non-profit health care provider with 16,000 employees and 10 million customers in four states. As a health care company, it is subject not only to Sarbanes-Oxley’s requirements for controlling data, but to the Health Insurance Portability and Accountability Act (HIPAA
05/23/2006 |
Passwords
Overview
With the recent announcement of a major loss of personal information by the VA that could potentially compromise the identities of millions of individuals, the protection of data on mobile devices was on Delegates’ minds. Delegates listed their primary concerns, and discussed the tools and solutions that work for them.
Delegates focused on restricting or monitoring third
05/23/2006 |
Passwords
Overview
Access control requires a complex combination of technology and policy, with a high level of cost and a high level of pain. As a result, few Delegates have succeeded in fielding access control systems, largely because of a lack of management willingness to support the cost. The small number who have succeeded have done it by using access control to solve specific
05/23/2006 |
Passwords
Overview
IT security is a central feature of many laws and regulations, such as Sarbanes-Oxley, HIPAA, and industry-specific regulations from agencies like the FDA. Many of these laws stipulate that IT must create controls for changes to software and access privileges, and these controls must be tested and documented in a way that's acceptable to both internal and external
Next Event
Space is limited, reserve your spot today