Access Control

Access Control news, information, and how-to advice

facial recognition - biometric security identification

Privacy and metrics of testing and staging environments

Why data privacy should be respected throughout testing as well as production.

4 change password

Password managers grow up, target business users

Enterprise-class password managers fill key security gaps left by single sign-on (SSO) and cloud access solutions.


How enterprise security transformed in 2017 and what comes next in 2018

Digital transformation and microservices made up the most impactful trends for the enterprise security industry in 2017, but what will have the biggest impact in 2018?

05 byod

3 options for securing BYOD data

The devices and security measures used throughout an organization play a significant role in enabling safe, efficient remote work. Unfortunately, it can be quite challenging to determine which devices should be granted access to...

facial recognition - biometric security identification

How the private sector can learn from government cybersecurity guidance

The National Institute of Standards and Technology (NIST) has been the voice of consensus and reference material in identity management cybersecurity best practices by outlining the requirements and providing insightful reference...

Department of Defense contractors must implement IT security controls by December 31

Organizations doing business with the U.S. Department of Defense (DOD) must demonstrate their ability meet higher levels IT security for their corporate network and systems by Dec. 31, 2017 or risk losing business.


Redefining perimeter network security: The future is a hybrid

As information pushes further into the cloud, the role of perimeter security is changing. It will become part of a multifaceted solution for network security.

nsa aerial

Top secret government files stored without password protection on Amazon server

Classified U.S. Army and NSA files about an intelligence platform were left exposed on an Amazon S3 server by a contractor.

access computer through your phone skeleton key unlocking

Big picture security

Context and risk aware access control promises to make our industry more likeable.

google logo

Google Advanced Protection Program protects high-risk users from hacks

Google Advanced Protection Program requires physical keys to access a Google account, protects against phishing, and blocks fraudulent.

door locks

Authenticating your customers: the tripartite of consumer authentication

Things to consider when choosing which authentication options to offer in identity systems for wide demographics. How the mix of security, usability, and customer attitude affects that choice.

gundremmingen nuclear power plant

How China got its hand on U.S. nuclear technology materials

Allen Ho infiltrated the U.S. nuclear power program over a period of 20 years and helped advance the Chinese nuclear program.

fingerprint biometric security privacy

Identity data in the world of GDPR

The GDPR says that “The processing of personal data should be designed to serve mankind.“ How CIAM identity systems can help serve some of the privacy requirements of GDPR.

Tablet with lock showing secure encryption

Enhancing API security: dynamic authorization to protect sensitive data

APIs that handle sensitive data pose security and data access control threats, require advanced security solutions. API Gateways effectively manage the authentication of the user and provide service orchestration capabilities. But if...

06 authentication

How to protect your email account from Equifax hackers in 5 minutes

Use two-step verification to protect your email accounts from the Equifax hackers.

business meeting 146783744

Using identity to protect the mobile perimeter

It’s the biggest threat surface and best enforcement point for enterprise security

abandoned ship

Abandoned mobile apps, domain names raise information security risks

When app creators abandon domains for bigger, better deals, what happens to all the app-specific data?

solar eclipse

When identity data eclipses digital identity

Digital identity needs to be redefined as verified identity data. Identity data, using the right tools, can be used to carry out online jobs on behalf of the real me. But the right technology, aka personal data stores, need to be in...

containers port ship boat

Top 5 container mistakes that cause security problems

As enterprises increase their adoption of containers, they are also increasing the number of security mistakes they make with the technology.

europe data privacy rules primary2

Hacking the GDPR

Using anonymization and pseudonymization to reduce the overhead of GDPR compliance.

Load More