Access Management

Students improperly view file that contained personal data

By

A file containing the personal information of current and former Colorado State University-Pueblo students was accessed last spring by unauthorized users.

Server breached at a Vancouver-area school

By

The personal medical data of nearly 13,000 students and staff at Canada's British Columbia Institute of Technology (BCIT) may have been exposed.

On creating an IAM governance body

On creating an IAM governance body

Identity and access management programs are quite tricky to scale across an organization, but implementing a governance team can go a long way to effectively using the technology to meet compliance and manage user permissions.

GAO again slams IRS over security weaknesses

Despite repeated warnings from the GAO, the IRS has not done much to improve its security posture, and the tax collector was chastised in yet another federal audit.

Facebook rolls out application-specific passwords

By

Facebook on Thursday introduced two new security features to help users better protect their accounts. The first is the ability to create unique passwords for each application a user accesses. (Normally they only need to enter in their standard Facebook credentials). The new capability allows members to create a password, which they won't have to remember each time they login to the app, by visiting Account Settings>Security>App Passwords. Meanwhile, the "Trusted Friends" feature allows a user to select three to five trusted individuals to serve as custodians of codes that can be used to access one's account if he or she is ever locked out.

Sponsored video: Richard Weeks of Cyber-Ark on identity and access

By

Richard Weeks, VP of business and channel development at Cyber-Ark, tells SC Magazine Executive Editor Dan Kaplan why stopping privileged users is a key strategy to deterring abuse coming from both inside and outside the network.

UCLA Health System fined over celebrity patient snooping

By

UCLA Health System must pay $865,500 as part of a settlement with the U.S. Department of Health and Human Services (HHS) over complaints that employees snooped on the health records of two celebrities.

More than 30 hospital workers fired for snooping

By

Thirty-two employees were fired from two hospitals in Minnesota after they viewed electronic records belonging to patients who were hospitalized after overdosing at a house party, according to a report in the Minnesota Star-Tribune. The employees, who worked at Unity Hospital in Fridley and Mercy Hospital in Coon Rapids, do have access to certain records, but in this instance, had no legitimate reason to view the documents. As hospitals transition to electronic health care records, more instances of unauthorized access, such as cases last year in California, have cropped up.

Wind power company disputes alleged SCADA hack

By

A major U.S. energy supplier has found no evidence of breach despite claims by a former employee that he hacked into the company's New Mexico wind turbine facility as revenge for being fired.

White House finalizes online identity strategy

By

The Obama administration released the final version of its National Strategy for Trusted Identities in Cyberspace, the goal of which is to create a so-called identity ecosystem where online transactions are more trustworthy.

ETSI releases identity management specifications

By

The European Telecommunications Standards Institute (ETSI), a nonprofit that produces standards for information and communications technologies, has completed a set of identity management specifications which outline how users can safely gain authorized access to data and services. The free specifications, which are aimed at network operators, internet service providers and systems designers, address access control issues related to third-parties and cloud environments. The specifications were created by ETSI's identity and access management for networks and services group, whose members include Nokia Siemens Networks, Alcatel Lucent, the University of Patras in Greece, and the University of Murcia in Spain.

When it comes to avoiding data breaches, universities can learn from the enterprise

When it comes to avoiding data breaches, universities can learn from the enterprise

With colleges and universities back in session, campus IT departments can take a page out of the enterprise playbook to help them deal with the unique security challenges facing academia.

Access management: Open the door and let me in ...

Access management: Open the door and let me in ...

By

It is access management time again. This month, we look at two groups that fit in that broad category: network access control (NAC) and identity management.

CA continues cloud buying spree with $200 mil Arcot buy

CA continues cloud buying spree with $200 mil Arcot buy

By

Continuing its cloud computing buying spree, IT management software provider CA Technologies announced Monday that it plans to acquire authentication solutions provider Arcot for $200 million.

Sign up to our newsletters

POLL