Security Management Strategies for the CIOSecurity Identity and Access Management Security School:
Identity and Access Management Security School
Government regulations and the convenience of federated identities have made identity management and access control a priority for many enterprises. This Security School explores critical topics that can help security practitioners create an effective identity and access management plan. The lesson instructors review which of today's authentication technologies and approaches are the right fit for your organization.
-
Automated provisioning of hardware and Active Directory
Setting up new accounts and provisioning hardware is a tedious task, and even the smallest mistakes have security consequences. In this lesson, find out how to leverage directory services and policies to automate the process. Also, get a glimpse of the current provisioning marketplace.
About the instructor:
Laura E. Hunter is a senior IT specialist with the University of Pennsylvania.Learn more: Automated provisioning of hardware and Active Directory
-
Building an identity and access management architecture
Regardless of your company's size, managing identity can be a huge undertaking that requires the efficient oversight of many moving parts. In this lesson, guest instructor Richard Mackey, principal with consultancy SystemExperts, helps you put together the pieces of an identity and access management architecture. Mackey explores the essentials of identity and access management, from the role of directories to effectively establishing approval workflows. You'll walk away with tips for tackling the five key challenges in managing identities and effective access control strategies.
Learn more: Building an identity and access management architecture
-
Building network security: Evolution and vendor consolidation
Through both vendor consolidation and evolution, security capabilities are increasingly being woven into the network fabric. In this lesson, Mike Rothman, president and principal analyst of Security Incite, will help attendees understand the network/security evolution and how to harness this strategic trend to make better tactical decisions. They'll also learn how the roles and responsibilities of security practitioners must inevitably change and how network access control helps contribute to regulatory compliance efforts.
Learn more: Building network security: Evolution and vendor consolidation
-
Endpoint security protection: Policies for endpoint control
The start- and end-points of today's enterprise networks are radically different than they were 10 years ago. IT staffs no longer have control over every endpoint connecting to the network, leading to a host of problems where access control is weak or nonexistent. In this lesson, guest instructor Ben Rothke, Director of Security Technology Implementation for a large financial services company, provides tactics for endpoint security, policies for controlling endpoints and insight as to where endpoint security technology is headed.
Learn more: Endpoint security protection: Policies for endpoint control
-
Future authentication technologies: How to choose the right product
While strong authentication has been around for years, new regulations such as FFIEC and HSPD-12 are refueling interest in the technology. As a result, many established vendors and young startups are offering a wide range of new authentication products. But how can you determine which technology will best suit your business? Mark Diodati, identity and privacy strategies analyst for Burton Group, outlines the choices and identifies what offerings make sense for an organization's needs.
Learn more: Future authentication technologies: How to choose the right product
-
Identity and Access Management final exam
After you've completed the lessons, take this final exam and assess your knowledge of identity and access management.
-
Secure user authentication: Regulations, implementation and methods
When deploying any authentication option – whether to comply with the FFIEC's two-factor authentication mandate or simply strengthen access controls – businesses need to weigh several factors when deciding the best option. In this lesson, guest instructor Tom Bowers, managing director of Security Constructs LLC, helps you understand the FFIEC's mandate, choose an authentication option for diverse user communities, and solidify an authentication strategy.
Learn more: Secure user authentication: Regulations, implementation and methods
-
The new school of enterprise authentication
CIOs and other corporate executives are pushing IT to pursue more aggressive authentication technologies and tactics to reduce sign-ons, defend against insider abuse and secure enterprise accounts. Luckily, security professionals are now equipped with new types of advanced authentication products and processes that can take on these IAM initiatives. Back by popular demand, Mark Diodati, identity and privacy strategies analyst for Burton Group, in this lesson examines the technologies that cutting-edge organizations use to redefine successful enterprise authentication.
-
Using IAM tools to improve compliance
Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they can also help with your compliance woes. In this lesson, guest instructor Tom Bowers, managing director of Security Constructs LLC, will show you how. -
VPNs and remote access: Secure deployment, setup and strategies
Virtual private networks can reduce the cost of business communication while extending secure remote access to teleworkers, travelers and mobile professionals. But deploying and managing a secure VPN can be challenging. In this lesson, guest instructor Lisa Phifer, owner of consulting firm Core Competence, teaches you about the latest innovations in VPN technology, IPsec VPN identity and authentication options, and secure VPN deployment strategies.
Learn more: VPNs and remote access: Secure deployment, setup and strategies