Get started
Bring yourself up to speed with our introductory content.
Privileged access management
Advanced cybersecurity fraud and how to fight it
Cybersecurity fraud's roots run deep, with fraudsters forever after the same thing: tricking others out of their valuable assets. Learn how to keep defenses high. Continue Reading
New tech steers identity and access management evolution
IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets. Continue Reading
Words to go: Identity and access management security
IT pros must keep up to date with rapidly changing identity technology and access threats. Help protect IAM security by getting familiar with this list of foundation terms. Continue Reading
-
privilege creep
Privilege creep is the gradual accumulation of access rights beyond what an individual needs to do his job. In IT, a privilege is an identified right that a particular end user has to a particular system resource, such as a file folder. Continue Reading
How to find an MSP to protect you from outsourcing IT risks
Check out what questions to ask MSPs to make sure they have the right security systems in place to protect your organization against outsourcing IT risks. Continue Reading
identity and access management (IAM)
Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.Continue Reading
role-based access control (RBAC)
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.Continue Reading
access control
Access control is a security technique that regulates who or what can view or use resources in a computing environment.Continue Reading
Advances in access governance strategy and technology
Recent advances in IAM policy, strategy and technology are raising companies' ability authenticate identities and manage access to their systems and data.Continue Reading
federated identity management
Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.Continue Reading
-
CISSP Domain 5: Cloud identity management and access control
From cloud identity and access management to physical access control, this study guide will help you review key concepts from Domain 5 of the CISSP exam.Continue Reading
principle of least privilege (POLP)
The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for users to the bare minimum permissions they need to perform their work.Continue Reading
Biometrics and beyond: Online authentication techniques get personal
Biometrics and behavioral analysis is taking hold as security pros search for authentication tools to thwart increasingly aggressive and innovative hacking attacks.Continue Reading
Managing access to keep privileged users' credentials secure
Privilege creep is a constant threat. It's why privileged user management must be part of any comprehensive security plan and always at the top of an infosec pro's to-do list.Continue Reading
Test your privileged user management knowledge
Test your proficiency in privileged user management. Take this quiz to determine your ability to keep privileged access secure across your organization.Continue Reading
IAM strategy: Update to work with new technologies
Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.Continue Reading
How IAM can address unstructured content security risks
The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.Continue Reading
bimodal IAM (bimodal identity access management)
Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.Continue Reading
Which is safer: an HSM appliance or a virtual appliance?
A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why.Continue Reading
identity governance
Identity governance is the policy-based centralized orchestration of user identity management and access control.Continue Reading
A broader definition of identity governance
The definition of identity governance has evolved to include a tool that could prove challenging for enterprises to implement.Continue Reading
Exploring logical, physical access control systems integration
Is it smart for infosec teams to push for integration of logical and physical access control systems? Learn how to make the case and where to start.Continue Reading
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password is managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon.Continue Reading
mandatory access control (MAC)
Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or ...Continue Reading
authentication, authorization, and accounting (AAA)
Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading
user account provisioning
User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading
role mining
Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading
user profile
In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.Continue Reading
RADIUS (Remote Authentication Dial-In User Service)
Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or ...Continue Reading
logon (or login)
In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.Continue Reading
AAA server (authentication, authorization, and accounting)
An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.Continue Reading
password synchronization
Password synchronization is an authentication process that coordinates user passwords across various computers and computing devices so a user only has to remember a single password instead of multiple passwords for different machines or devices.Continue Reading
An introduction to Active Directory Federation Services
Brien M. Posey discusses key features of Microsofts's Active Directory Federation Services and how it works.Continue Reading
Password pain relief
Passwords have long been the bane of both users' and IT's existence. They have been a nuisance for your employees to remember and your help desk to deal with. However, up-and-coming options are ready to help relieve you of the headache.
In ...Continue Reading