Ask The Security Expert: Questions & Answers

Identity Management and Access Control

Randall Gamby, Contributor

Randall Gamby is the information security officer for the Medicaid Information Service Center of New York (MISCNY). MISCNY manages and maintains the largest state-run Medicaid claims data warehouse in the United States. Prior to this position he was the enterprise security architect for a Fortune 500 insurance and finance company. His experience also includes many years as an analyst for the Burton Group's Security and Risk Management Services group. His coverage areas included: secure messaging, security infrastructure, identity and access management, security policies and procedures, credential services, and regulatory compliance.

Prior to joining Burton Group, Randall was a senior consultant and infrastructure designer for Fortune 500 companies, global organizations, and federal governments developing integrated systems for enterprise, national and worldwide deployments. With 20 years of experience, Randall is a founding participant in OSI communications development and was a representative for McDonnell Douglas Corporation (now Boeing Aerospace) in the Aerospace Industries Association, which worked for standardized interoperation between aerospace organizations and the U.S. government.

Randall recently rejoined SearchSecurity.com's Ask the Experts panel, and is ready to answer your questions!
Have a question for Randall Gamby? Email editor@searchsecurity.com!

Display in sets of:

  • Time to consider image-based authentication?

    Answer - Randall Gamby addresses the criticisms of image-based authentication and considers if it's a viable enterprise alternative authentication method. 13 March 2012

  • Can the cloud replace passwords?

    Answer - Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable. 13 March 2012

  • Enterprise user de-provisioning best practices

    Answer - Misplaced or stagnant employee access can be dangerous; Randall Gamby details user provisioning best practices for setting up a system to combat this risk. 17 January 2012

  • How to make an enterprise RBAC implementation easier

    Answer - Learn the benefits of role-based access control based on job functions of network accessing employees, and how to make an RBAC implementation easier. 13 January 2012

  • Exchange Server administration policy

    Answer - Randall Gamby explains the important particulars involved with setting up and securely supervising an enterprise Exchange Server administration policy. 22 December 2011

  • Privileged account policy: Managing privileged accounts

    Answer - Randall Gamby discusses how to securely implement a privileged account policy within the enterprise and collectively manage sensitive account information. 21 December 2011

  • Password storage vault: Credential validation

    Answer - Randall Gamby offers advice on the credential validation process for an enterprise password storage system. 20 December 2011

  • How to spot suspicious logins

    Answer - Randall Gamby dissects the delicate but crucial science of detecting and blocking suspicious logins and unusual login activity in the enterprise. 13 December 2011

  • Windows Active Directory security configuration

    Ask the Expert - How secure is your configuration of Active Directory? Learn how to perform a security configuration assessment on such a directory in this expert response . 19 July 2010

  • How DNA cryptography relates to company information

    Ask the Expert - What is DNA cryptography, and would it be an effective method for us in enterprise information security? IAM expert Randall Gamby discusses how DNA cryptography works and how to use it. 08 July 2010