Identity and access management programs are quite tricky to scale across an organization, but implementing a governance team can go a long way to effectively using the technology to meet compliance and manage user permissions.
Sony's PlayStation Network again has been hit by hackers, but the limited damage that resulted could point to strides being made by the electronics giant.
Richard Weeks, VP of business and channel development at Cyber-Ark, tells SC Magazine Executive Editor Dan Kaplan why stopping privileged users is a key strategy to deterring abuse coming from both inside and outside the network.
The Federal Trade Commission in December plans to hold a workshop to investigate the privacy and security implications of facial recognition technology. The agency announced this week that the workshop, which is free and open to the public, seeks to bring together consumer protection groups, privacy experts, and industry and academic leaders. The meeting is expected to address such topics as whether consumers should consent to the collection and use of their images. Facial recognition products can provide an added security layer at places like airports or automate photo tagging on sites such as Facebook, but critics worry they also could be used for intrusive surveillance. As a result, offerings have emerged that can help people hide their faces from the technology.
An Apple operating system flaw could allow any user to obtain stored password hash data through an openly readable directory.
An employee of North Bay Regional Health Centre in Ontario, Canada accessed without permission the personal health information (PHI) of thousands of patients.
UCLA Health System must pay $865,500 as part of a settlement with the U.S. Department of Health and Human Services (HHS) over complaints that employees snooped on the health records of two celebrities.
Facebook is rolling out two-factor authentication to fight against the possibility of unauthorized account access.
The Obama administration released the final version of its National Strategy for Trusted Identities in Cyberspace, the goal of which is to create a so-called identity ecosystem where online transactions are more trustworthy.
Data breaches cost organizations $7.2 million on average in 2010, up seven percent from $6.8 million the previous year, according to a new study.
Every consulting firm that we are working with is requesting pros with identity and access management skills, says Joyce Brocaglia, CEO of Alta Associates.
Identity and access management frameworks can help distinguish between the various competitor and partner personas, and organizations such as the Transglobal Secure Collaboration Program (TSCP) are working to construct and use them.
Poor authentication standards encourage bad passwords and enable the data breach at Gawker to harm security across the web.
Trusting no one may soon become the new mantra in IT security, given the leak of sensitive U.S. diplomatic cables.
Facebook users are now able to download all of the data they've compiled in their profile onto a zip file, Facebook founder and CEO Mark Zuckerberg announced Thursday. But before users can do so, Facebook has instituted a number of security checks, consisting of "confirming your password and answering appropriate security questions," to validate their identity, Zuckerberg wrote in a blog post. Users also reportedly will have to fill out a captcha. The world's most popular social networking site launched the "Download Your Information" feature as a way for its more than 500 million members to better control their data, which includes wall posts, status updates and photos. — DK
Continuing its cloud computing buying spree, IT management software provider CA Technologies announced Monday that it plans to acquire authentication solutions provider Arcot for $200 million.
Thanks to compliance requirements and a threat environment marked by growing sophistication, sellers of software security products are expected to earn more than $16.5 billion in revenue this year, an 11.3 percent jump from 2009, according to a Gartner forecast released this week.
Glenn Hazard, CEO of identity and access management provider Xceedium, tells SC Magazine's Angela Moscaritolo what is driving this security industry sector and how it is morphing to keep up with the increasing mobile workforce.
A successful identity governance strategy requires a combination of transparency, analytics, automation and risk mitigation.
All it takes is a single employee or partner with improper access to bring an organization's network to its knees.
Drivers such as compliance and insider threats are helping to keep information security budgets at financial institutions alive and well, according to a new study.
Organizations must reconsider how they respond to compliance requirements.
Fremont, Calif.-based ActivIdentity on Monday acquired CoreStreet to complement its strong authentication and credential management solution portfolio. Under the $20 million deal, ActivIdentiy will gain Cambridge, Mass.-based CoreStreet's public key infrastructure certification (PKI) technology, distributed identity credential validation system and physical access control products, according to a news release. The two vendors already had been partnering to offer combined solutions for government and enterprise customers. — DK
Atlanta-based managed security services provider SecureWorks has extended its footprint in the European market with the purchase Tuesday of U.K.-based dns Limited, a 10-year-old MSSP and consulting provider. With dns Limited employees based in London and Edinburgh, Scotland, the acquisition is expected to expand SecureWork's client base and provide additional identity and access management practices. Terms of the deal were not disclosed. — GM