Disruptive technologies of the past several years, including cloud, mobile apps and the internet of things, makes it tougher than ever for infosec pros to ensure efficient and effective use of their company's identity and access management system. This guide covers the fundamentals of IAM systems and IAM-associated issues, including the business concept and technology. It delves into how mobility affects an IAM system and also covers issues like password policy and management, Azure AD and provisioning tools for the enterprise user. It also delves into the now critical issue of privilege creep -- how to recognize it and remedies to stop it. This guide will help infosec pros implement and oversee their identity and access management system.
Basic essentials of IAM systems
IAM is nothing new but it certainly is changing, just as the network too is changing. While always intended to keep the network secure by building controls around who can access it, now a company's identity and access management sytem must also adapt to so many new tech advances, from the cloud to employee-owned devices, not to mention ever-changing, always-complex compliance requirements. In this section, you'll gain a better understanding of the general concept of IAM, and how IAM systems are adapting to technological advances.
A cloud IAM policy is crucial to protecting an organization from external and internal threats. Expert Rob Shapland discusses how to bolster cloud IAM. Continue Reading
Aging identity and access management tools, and technical innovations like the internet of things, make it imperative that you update your enterprise IAM policy now. Here's how. Continue Reading
Single sign-on continues to be the main driver for cloud identity and access management systems, but BYOD and shadow IT bring new challenges for these tools to solve. Continue Reading
To increase security and monitor user access to public cloud resources such as compute and APIs, admins can use federated identity and access management. Continue Reading
Revise your enterprise's IAM strategy for better integration with emerging technologies, such as cloud services and software-defined everything. Expert Johna Till Johnson explains. Continue Reading
Password management and policy in IAM systems
Passwords are central to securing the network and, therefore, password management is central to any identity and access management system. This section examines the password management tools available, how best to use them and what to avoid.
With the large number of password breaches happening, enterprises should look into new methods of protecting their resources. Expert Nick Lewis explains how to reduce user risk. Continue Reading
In the modern business environment, what are the most common access control mistakes and how best are these corrected? Continue Reading
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies. Continue Reading
NIST is coming up with new password recommendations for the U.S. government. Expert Michael Cobb covers the most important changes that enterprises should note. Continue Reading
Microsoft is banning weak passwords on many of its services with the Smart Password Lockout feature. Expert Michael Cobb explains how it works, and if it will be beneficial. Continue Reading
The inability for most users to grasp the importance of the password is something that Nick Booth thinks needs to be better addressed Continue Reading
Privileged users, privilege creep and tools that can manage them
Edward Snowden, the NSA employee who stole and released thousands of sensitive documents, undertook a security breach that succeeded in making enterprises more aware of the threat of "inside" attacks on their system security. But has awareness led to action? In this section learn about the issue of insider attacks, the danger of so-called privilege creep and ways to manage such security hazards in general and via an IAM system.
Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned. Continue Reading
Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access. Continue Reading
Privileged user management is important for enterprises operating on the cloud. Expert Dave Shackleford discusses some best practices to help secure cloud access control. Continue Reading
Handling mobile in an identity and access management system
Once employee-owned mobile devices hit the enterprise, and BYOD became the norm, IAM got a whole lot more complicated. In this section, learn how to secure identity and access even in a large enterprise where employees bring in multiple personal devices each day. Mobility has changed just about everything in the information security world, including the challenges a corporate identity and access management system must face.
Software vendors are increasingly offering admin-facing mobile apps, allowing IT to use their mobile devices to remotely manage users. Take ADManager Plus for Active Directory management, for example. Continue Reading
As mobile biometrics technology becomes increasingly common, it is important for IT to know how to support this kind of authentication and the security vulnerabilities it may still bring. Continue Reading
Mobile workers need to access corporate data, but giving them open access is often easier said than done. Businesses must balance users' wants with mobile data security concerns. Continue Reading
Information is king for today's workers, but it isn't always as easy as it should be to access mobile data. Businesses must also consider mobile data security. Continue Reading
5AD, AZURE AD-
Where AD and Azure AD fit into any IAM system
Active Directory (AD) is a key aspect of any identity and access management system today. A directory holds user account information and AD is Microsoft's trademarked system to, among other things, authenticate and authorize users and computers by checking submitted passwords and determining whether the person signing on is a regular user or an administrator. With the huge increase in dependence on cloud, companies have needed a cloud-based AD. Azure Active Directory (Azure AD) is Microsoft's multi-tenant directory based in cloud that manages identity services. This section of our guide looks in depth at both AD and Azure AD, reviewing recent developments and methods of making these vital services, and related ones, more secure.
Organizations that assign privileged access to certain users can lose track of who has access to what. Privileged user monitoring ensures users comply with corporate policies. Continue Reading
We use AWS Identity and Access Management for cloud security, but aren't sure how roles, permissions and policies differ in a cloud security strategy. How do they protect resources? Continue Reading
Watch as experts delve into current IAM issues
Watch these videos for expert insights into the issues affecting identity and access management systems today.
Your IAM infrastructure should cut through the 'access excess' that is plaguing most companies. Learn how to overcome the challenges posed by migration to cloud and mobility.
Maintaining the security principle of least privilege can prevent abuse of privileged user accounts. Learn about the best practices for monitoring privileged access.