Randall Gamby is the information security officer for the Medicaid Information Service Center of New York (MISCNY). MISCNY manages and maintains the largest state-run Medicaid claims data warehouse in the United States. Prior to this position he was the enterprise security architect for a Fortune 500 insurance and finance company. His experience also includes many years as an analyst for the Burton Group's Security and Risk Management Services group. His coverage areas included: secure messaging, security infrastructure, identity and access management, security policies and procedures, credential services, and regulatory compliance.
Prior to joining Burton Group, Randall was a senior consultant and infrastructure designer for Fortune 500 companies, global organizations, and federal governments developing integrated systems for enterprise, national and worldwide deployments. With 20 years of experience, Randall is a founding participant in OSI communications development and was a representative for McDonnell Douglas Corporation (now Boeing Aerospace) in the Aerospace Industries Association, which worked for standardized interoperation between aerospace organizations and the U.S. government.
Randall recently rejoined SearchSecurity.com's Ask the Experts panel, and is ready to answer your questions!
Read all of Randall's responses on enterprise identity and access management.
Contributions from Randall Gamby, Enterprise IAM
- Enterprise mobile access: Considerations for two-factor mobile authentication
- Enterprise user de-provisioning best practices: How to efficiently revoke access
- Minimum password length best practices: Are 14-character passwords necessary?
- Exchange Server administration policy: Managing privileged user access
- Privileged account policy: Securely managing privileged accounts
- Credential validation for an enterprise password storage vault
- Detecting and blocking suspicious logins, unusual login activity in the enterprise
- How to use an automated user provisioning system for access control
- The pros and cons of deploying OpenLDAP: Windows and Unix
- Perform a Windows Active Directory security configuration assessment
- Alternatives to password-reset questions tackle social networking cons
- How does DNA cryptography relate to company information security?
- Can DHCP management tools be used to manage user account permissions?
- What to include in a remote access audit
- Will biometric authentication devices integrate with in-house software?
- How to set up Apache Web server access control
- How to perform an Active Directory security audit
- OpenLDAP migration: OpenLDAP from an Active Directory schema
- The pros and cons of automated user provisioning software
- Identity management SSO security: Hardening single sign-on systems