Ask The Security Expert: Questions & Answers
Identity Management and Access Control
Randall Gamby is the information security officer for the Medicaid Information Service Center of New York (MISCNY). MISCNY manages and maintains the largest state-run Medicaid claims data warehouse in the United States. Prior to this position he was the enterprise security architect for a Fortune 500 insurance and finance company. His experience also includes many years as an analyst for the Burton Group's Security and Risk Management Services group. His coverage areas included: secure messaging, security infrastructure, identity and access management, security policies and procedures, credential services, and regulatory compliance.
Prior to joining Burton Group, Randall was a senior consultant and infrastructure designer for Fortune 500 companies, global organizations, and federal governments developing integrated systems for enterprise, national and worldwide deployments. With 20 years of experience, Randall is a founding participant in OSI communications development and was a representative for McDonnell Douglas Corporation (now Boeing Aerospace) in the Aerospace Industries Association, which worked for standardized interoperation between aerospace organizations and the U.S. government.
Randall recently rejoined SearchSecurity.com's Ask the Experts panel, and is ready to answer your questions!
Have a question for Randall Gamby? Email editor@searchsecurity.com!
-
Enterprise user de-provisioning best practices: How to efficiently revoke access
Answer - Misplaced or stagnant employee access can be dangerous; Randall Gamby details user provisioning best practices for setting up a system to combat this risk. 17 January 2012 -
Role-based access control: Making an enterprise RBAC implementation easier
Answer - Learn the benefits of role-based access control based on job functions of network accessing employees, and how to make an RBAC implementation easier. 13 January 2012 -
Exchange Server administration policy: Managing privileged user access
Answer - Randall Gamby explains the important particulars involved with setting up and securely supervising an enterprise Exchange Server administration policy. 22 December 2011 -
Privileged account policy: Securely managing privileged accounts
Answer - Randall Gamby discusses how to securely implement a privileged account policy within the enterprise and collectively manage sensitive account information. 21 December 2011 -
Credential validation for an enterprise password storage vault
Answer - Randall Gamby offers advice on the credential validation process for an enterprise password storage system. 20 December 2011 -
Detecting and blocking suspicious logins, unusual login activity in the enterprise
Answer - Randall Gamby dissects the delicate but crucial science of detecting and blocking suspicious logins and unusual login activity in the enterprise. 13 December 2011 -
Perform a Windows Active Directory security configuration assessment
Ask the Expert - How secure is your configuration of Active Directory? Learn how to perform a security configuration assessment on such a directory in this expert response . 19 July 2010 -
How does DNA cryptography relate to company information security?
Ask the Expert - What is DNA cryptography, and would it be an effective method for us in enterprise information security? IAM expert Randall Gamby discusses how DNA cryptography works and how to use it. 08 July 2010 -
Can DHCP management tools be used to manage user account permissions?
Ask the Expert - Learn more about whether using DHCP management tools is an effective way to manage user account permissions, and what other options might be, in this expert response from Randall Gamby. 06 July 2010 -
What to include in a remote access audit
Ask the Expert - When conducting a remote access audit, there are specific questions you should be sure to ask to make sure everything is secure. In this expert response, Randall Gamby describes what to look for. 02 July 2010