Security Management Strategies for the CIO
Joel Dubin, CISSP, is SearchSecurity.com’s former resident expert on identity and access management (IAM). He is a PCI QSA and a PA-DSS QSA, and works at Trustwave in Chicago (due to his vendor affiliation, Dubin is not an active SearchSecurity.com contributor). His area of expertise is the security of credit card payment applications. As a PA-QSA for Trustwave since 2008, he has conducted PA-DSS assessments in the US, Latin America, the Middle East and Europe. Besides his IT security experience, he speaks seven languages.
Contributions from Joel Dubin, Contributor
- Understanding tokenization amid PCI encryption requirem
- Cloud compliance: How to manage SaaS risk
- User provisioning software: Emerging features reveal ma
- Should a new user have to confirm an email address to gain access?
- Using batch files for temporary user access to the local admin group
- The Little Black Book of Computer Security, 2nd Edition
- Do the Group Policy Object and 'Password Never Expires' flag interact?
- What are the benefits of identity managed as a service?
- Directory services and beyond: The future of LDAP
- What are good features to look for in access control software?
- Enterprise role management: Trends and best practices
- Trends in enterprise identity and access management
- Pre-requisites for implementing enterprise single sign-on (SSO)
- Are there efforts to develop a common logging and audit standard?
- Best practices for application-level firewall selection
- To what exactly would a request for biometric data from an insurance provider pertain?
- What guidelines do you recommend regarding best practices for user provisioning?
- How to prevent users from sharing root passwords
- Worst Practices: Three big identity and access manageme
- Biometrics vs. biostatistics