Essential Guide

Formulating and managing online identity and access control

Identity and access management keeps getting more complex, what with cloud and mobile devices complicating the network security picture. This guide offers concrete advice on how to stay on top of the IAM environment in your enterprise.

Introduction

The surge of disruptive technologies like cloud-based systems, mobile apps and BYOD makes identity and access management (IAM) an increasingly difficult and complex task for infosec pros. This guide covers the fundamentals of IAM and associated issues, including the business concept and technology. It delves into how mobility impacts IAM and also covers issues like password policy and management, Active Directory and LDAP security, and provisioning tools for the enterprise user. It also delves into the now critical issue, privilege creep -- how to recognize it and remedies to stop it. This guide will help you plan, implement and manage an effective IAM program in your enterprise.

1IAM CONCEPTS-

The basics

Identity and access control is nothing new but it certainly is changing, just as the network too is changing. While always intended to keep the network secure by building controls around who can access it, now IAM must also adapt to new developments, like the cloud, the proliferation of employee mobile devices, software as a service (SaaS), not to mention compliance requirements. In this module, you'll gain an understanding of what IAM is and how the concept in general, and IAM products in particular, have adapted to new technological advances.

News

New IAM products employ cloud, other technology

Learn about the latest IAM products and how they're incorporating new methods and technologies. Continue Reading

Feature

Identity management in the hybrid world

As SaaS and mobile devices become more broadly used, you could lose control of access management. Here's how to achieve better operational consistency and scale. Continue Reading

Answer

Taking a broader view of identity governance

IAM has broadened to include the concept of identity governance, the convergence of compliance and identity management, making IAM a much more complex process. Continue Reading

Feature

The best identity and access management products out there

Learn which identity and access management products scored with TechTarget readers in 2013. Continue Reading

2PASSWORDS-

Password management and policy

Passwords are central to securing the network and, therefore, password management is central to IAM. This section examines the password management tools out there, how best to use them and what to avoid.

Answer

Fixing default credentials issues in Cisco TelePresence

Default credentials trigger a serious vulnerability in Cisco's TelePresence system -- here's what to do about that. Continue Reading

Tip

The pros and cons of password management tools

Learn the key differences between consumer and enterprise password-management products, and where enterprise tools need to improve. Continue Reading

Answer

Synchronizing passwords with iCloud Keychain Security

ICloud Keychain may be able to sync passwords across devices without using iCloud, but does that mean it's secure? Continue Reading

Answer

Avoiding Google Chrome plaintext password problems

Do you understand the vulnerabilities of Google Chrome plaintext passwords? Continue Reading

Answer

Encryption vs. hashing in the wake of a breach

When storing passwords, there's a difference between encryption and hashing that you need to be aware of. Continue Reading

Tip

Diligent security stops password-recovery attacks

Password recovery attacks can be stopped: The key is an aware and diligent user. Continue Reading

3PRIVILEGED USERS-

Privileged users, privilege creep and tools that can manage them

The security breach by Edward Snowden, the NSA employee who stole and released thousands of sensitive documents, has succeeded in making enterprises more aware of the threat of "inside" attacks on their system security. But has awareness led to action? In this module learn about the issue of insider attacks, the danger of so-called privilege creep and ways to manage such security hazards.

News

Fearful of insider threats, companies still lack privileged user controls

A new survey finds a lack of strong privileged-user controls despite the very real threat malicious insiders. Continue Reading

News

Even post-Snowden, privilege-management policies unchanged in most firms

Even after the Snowden affair, one of the biggest insider breaches in history, most enterprises haven't changed their privilege management policies. Continue Reading

Answer

All about SCIM provisioning, identity management

The Simple Cloud identity Management standard is becoming more widespread; learn how your company can assess these technology options. Continue Reading

Tip

How access reviews help stop privilege creep

Employee longevity is great, except when it comes to password security. Learn how to stop the access "creep" inherent when an employee over time changes work roles. Continue Reading

News

Least-privilege principle a struggle for some companies

Everyone talks about the principle of least privileges, but a survey shows many enterprises do nothing about implementing it. Continue Reading

Answer

Consider the least-privilege principle to protect privileged users

Hackers infiltrate and then attempt to move laterally; their ability to do this, though, can be contained by granting privileged users the least privileges possible. Continue Reading

4MOBILE-

Mobile IAM

Once BYOD hit the enterprise, IAM got a whole lot more complicated. In this module learn how to secure identity and access even in a large enterprise where employees bring in multiple personal devices each day. Mobility has changed just about everything in the information security world, and IAM is no exception.

Tip

Securing mobile access in the enterprise

What's the best way to keep mobile access under control in the enterprise? Continue Reading

Tip

How to cope with the IAM challenges of today's extended enterprise

Today enterprise IAM is being challenged by both cloud and distributed computing, but Forrester's Zero Trust model can help. Continue Reading

Answer

How to keep Wi-Fi passwords secure accessed from an Android

If a third party accesses Wi-Fi passwords off an Android mobile device, it could mean disaster for your network, unless you take the right precautions. Continue Reading

Feature

Building an IAM architecture

Managing identity access is a major undertaking no matter what your company's size. This feature offers instruction on creating an identity and access management architecture and explores the five key challenges you're likely to face. Continue Reading

5AD AND LDAP-

Active Directory and LDAP

Active Directory (AD) is a key aspect of IAM. A directory holds user account information and AD is Microsoft's trademarked system to, among other things, authenticate and authorize users and computers by checking submitted passwords and determining whether the person signing on is a regular user or an administrator. The Lightweight Directory Access Protocol (LDAP) is a vendor-neutral industry standard for directories. It's commonly used, for instance, to provide users the ability to conduct a single sign-on -- that is, to input just one password but access many services. This section looks in depth at both AD and LDAP, reviewing recent developments and methods of making these vital services, and related ones, more secure.

News

How severe is the Active Directory security flaw really?

Microsoft downplays the new Active Directory "pass the hash" attack, but could it really be more dangerous than that company is letting on? Continue Reading

News

Active Directory app integration visibility in now in Juniper firewalls

Juniper has upgraded its latest firewall to simplify security management, and it promises more visibility and policy control with applications and identity, too. Continue Reading

Feature

Tips for smoother OpenLDAP configuration

Learn from the pros what to do, and what not to do, when configuring the directory server. Continue Reading

Tip

Learn to do your own Active Directory security audit

Active Directory is essential for provisioning users, but do you know how to securely implement AD itself? Continue Reading

Tip

How to secure naming, directory services for app defense in depth

Learn how to secure LDAP, and how application security teams and infrastructure security teams can work together to secure naming and directory services. Continue Reading

Feature

OpenLDAP configuration gives IT pros headaches

Installing and configuring OpenLDAP can be so frustrating that some IT pros now are questioning its merit. Continue Reading

Tip

Configuring OpenLDAP for Linux

This expert says OpenLDAP is a simple, free and fully functional alternative to Active Directory. Follow his directions steps to configure OpenLDAP on Linux platforms. Continue Reading

6VIDEO -

Experts delve into current IAM issues

Watch these videos for expert insights into the issues affecting IAM today.

Video

Scaling privileged account management can be tough

Even after the Snowden affair, many enterprises are failing to manage carefully the extensive access network administrators have. In this video, Philip Lieberman, of Lieberman Software, explains why infosec pros must have a privileged account management process.

Video

Can FIDO Alliance replace weak passwords? PayPal CISO hopes so

Too many Internet users assign the same password to multiple accounts, ones that contain sensitive and financial information. In this video the CISO of Paypal discusses his hope that the new Fast IDentity Online Alliance will help improve password security.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close