Essential Guide

Formulating and managing online identity and access control

Identity and access management keeps getting more complex, what with cloud and mobile devices complicating the network security picture. This guide offers concrete advice on how to stay on top of the IAM environment in your enterprise.


The surge of disruptive technologies like cloud-based systems, mobile apps and BYOD makes identity and access management (IAM) an increasingly difficult and complex task for infosec pros. This guide covers the fundamentals of IAM and associated issues, including the business concept and technology. It delves into how mobility impacts IAM and also covers issues like password policy and management, Active Directory and LDAP security, and provisioning tools for the enterprise user. It also delves into the now critical issue, privilege creep -- how to recognize it and remedies to stop it. This guide will help you plan, implement and manage an effective IAM program in your enterprise.


The basics

Identity and access control is nothing new but it certainly is changing, just as the network too is changing. While always intended to keep the network secure by building controls around who can access it, now IAM must also adapt to new developments, like the cloud, the proliferation of employee mobile devices, software as a service (SaaS), not to mention compliance requirements. In this module, you'll gain an understanding of what IAM is and how the concept in general, and IAM products in particular, have adapted to new technological advances.


New IAM products employ cloud, other technology

Learn about the latest IAM products and how they're incorporating new methods and technologies. Continue Reading


Identity management in the hybrid world

As SaaS and mobile devices become more broadly used, you could lose control of access management. Here's how to achieve better operational consistency and scale. Continue Reading


Taking a broader view of identity governance

IAM has broadened to include the concept of identity governance, the convergence of compliance and identity management, making IAM a much more complex process. Continue Reading


The best identity and access management products out there

Learn which identity and access management products scored with TechTarget readers in 2013. Continue Reading


Password management and policy

Passwords are central to securing the network and, therefore, password management is central to IAM. This section examines the password management tools out there, how best to use them and what to avoid.


Fixing default credentials issues in Cisco TelePresence

Default credentials trigger a serious vulnerability in Cisco's TelePresence system -- here's what to do about that. Continue Reading


The pros and cons of password management tools

Learn the key differences between consumer and enterprise password-management products, and where enterprise tools need to improve. Continue Reading


Synchronizing passwords with iCloud Keychain Security

ICloud Keychain may be able to sync passwords across devices without using iCloud, but does that mean it's secure? Continue Reading


Avoiding Google Chrome plaintext password problems

Do you understand the vulnerabilities of Google Chrome plaintext passwords? Continue Reading


Encryption vs. hashing in the wake of a breach

When storing passwords, there's a difference between encryption and hashing that you need to be aware of. Continue Reading


Diligent security stops password-recovery attacks

Password recovery attacks can be stopped: The key is an aware and diligent user. Continue Reading


Privileged users, privilege creep and tools that can manage them

The security breach by Edward Snowden, the NSA employee who stole and released thousands of sensitive documents, has succeeded in making enterprises more aware of the threat of "inside" attacks on their system security. But has awareness led to action? In this module learn about the issue of insider attacks, the danger of so-called privilege creep and ways to manage such security hazards.


Fearful of insider threats, companies still lack privileged user controls

A new survey finds a lack of strong privileged-user controls despite the very real threat malicious insiders. Continue Reading


Even post-Snowden, privilege-management policies unchanged in most firms

Even after the Snowden affair, one of the biggest insider breaches in history, most enterprises haven't changed their privilege management policies. Continue Reading


All about SCIM provisioning, identity management

The Simple Cloud identity Management standard is becoming more widespread; learn how your company can assess these technology options. Continue Reading


How access reviews help stop privilege creep

Employee longevity is great, except when it comes to password security. Learn how to stop the access "creep" inherent when an employee over time changes work roles. Continue Reading


Least-privilege principle a struggle for some companies

Everyone talks about the principle of least privileges, but a survey shows many enterprises do nothing about implementing it. Continue Reading


Consider the least-privilege principle to protect privileged users

Hackers infiltrate and then attempt to move laterally; their ability to do this, though, can be contained by granting privileged users the least privileges possible. Continue Reading


Mobile IAM

Once BYOD hit the enterprise, IAM got a whole lot more complicated. In this module learn how to secure identity and access even in a large enterprise where employees bring in multiple personal devices each day. Mobility has changed just about everything in the information security world, and IAM is no exception.


Securing mobile access in the enterprise

What's the best way to keep mobile access under control in the enterprise? Continue Reading


How to cope with the IAM challenges of today's extended enterprise

Today enterprise IAM is being challenged by both cloud and distributed computing, but Forrester's Zero Trust model can help. Continue Reading


How to keep Wi-Fi passwords secure accessed from an Android

If a third party accesses Wi-Fi passwords off an Android mobile device, it could mean disaster for your network, unless you take the right precautions. Continue Reading


Building an IAM architecture

Managing identity access is a major undertaking no matter what your company's size. This feature offers instruction on creating an identity and access management architecture and explores the five key challenges you're likely to face. Continue Reading


Active Directory and LDAP

Active Directory (AD) is a key aspect of IAM. A directory holds user account information and AD is Microsoft's trademarked system to, among other things, authenticate and authorize users and computers by checking submitted passwords and determining whether the person signing on is a regular user or an administrator. The Lightweight Directory Access Protocol (LDAP) is a vendor-neutral industry standard for directories. It's commonly used, for instance, to provide users the ability to conduct a single sign-on -- that is, to input just one password but access many services. This section looks in depth at both AD and LDAP, reviewing recent developments and methods of making these vital services, and related ones, more secure.


How severe is the Active Directory security flaw really?

Microsoft downplays the new Active Directory "pass the hash" attack, but could it really be more dangerous than that company is letting on? Continue Reading


Active Directory app integration visibility in now in Juniper firewalls

Juniper has upgraded its latest firewall to simplify security management, and it promises more visibility and policy control with applications and identity, too. Continue Reading


Tips for smoother OpenLDAP configuration

Learn from the pros what to do, and what not to do, when configuring the directory server. Continue Reading


Learn to do your own Active Directory security audit

Active Directory is essential for provisioning users, but do you know how to securely implement AD itself? Continue Reading


How to secure naming, directory services for app defense in depth

Learn how to secure LDAP, and how application security teams and infrastructure security teams can work together to secure naming and directory services. Continue Reading


OpenLDAP configuration gives IT pros headaches

Installing and configuring OpenLDAP can be so frustrating that some IT pros now are questioning its merit. Continue Reading


Configuring OpenLDAP for Linux

This expert says OpenLDAP is a simple, free and fully functional alternative to Active Directory. Follow his directions steps to configure OpenLDAP on Linux platforms. Continue Reading


Experts delve into current IAM issues

Watch these videos for expert insights into the issues affecting IAM today.


Scaling privileged account management can be tough

Even after the Snowden affair, many enterprises are failing to manage carefully the extensive access network administrators have. In this video, Philip Lieberman, of Lieberman Software, explains why infosec pros must have a privileged account management process.


Can FIDO Alliance replace weak passwords? PayPal CISO hopes so

Too many Internet users assign the same password to multiple accounts, ones that contain sensitive and financial information. In this video the CISO of Paypal discusses his hope that the new Fast IDentity Online Alliance will help improve password security.