Identity and Access Management

Identity and Access Management | News, how-tos, features, reviews, and videos

Admission tickets in an digital network / access / admittance / authorization / authentication
Todd McKinnon, CEO and founder, Okta

human weak link cybersecurity primary

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

User ID + password / credentials / authentication

FIDO explained: How this industry initiative aims to make passwords obsolete

The FIDO Alliance is an industry association that promotes the use of public-key cryptography to bring strong authentication to the Web.

infographic of cloudscape reflect to modern multicloud technology picture id1262031859 2

How one multicloud-based business manages security controls

AppsFlyer processes 80 terabytes of data a day across multiple cloud hosting services. It scales its security needs by keeping a close eye on identity governance and access controls.

A large 'X' marks a conceptual image of a password amid encrypted data.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.

digital fingerprint / binary code

Privacy, data protection regulations clamp down on biometrics use

The highly sensitive nature of biometric data and new regulations aimed to protect it are cause to rethink how it's used for authentication.

adrian ludwig 1200x800px

Inside Atlassian's zero trust implementation

Adrian Ludwig says Atlassian's zero-trust implementation was nearly complete when the pandemic hit. His advice: Define policies to cover all cases first.

open source box open box out of the box empty

Using open source for identity projects: 8 considerations

Consider these eight points to decide whether you can securely use open-source code in your identity management projects.

access management / access control / user connections / identities

7 best practices when selecting a PAM solution

The right PAM solution will enable security and compliance teams to define and enforce robust privileged account policies. So how do you pick the right PAM solution?

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

New US digital identity legislation promises more secure verification

COVID-19 has exposed the US’s lack of a comprehensive digital identity strategy. If passed, the Improving Digital Identity Act of 2020 will address this need through engagement among federal, state and local governments.

containers

The five best Kubernetes security practices

Everyone is moving to containers for their programs, and to manage them, almost everyone is using Kubernetes. That leads to one big problem: How do you secure Kubernetes itself?

A large 'X' marks a conceptual image of a password amid hexadecimal code.

Is now the time to deploy passwordless options?

Viable options are now available to supplement or eliminate (almost) the need for password authentication. Here are reasons why passwordless might work for you.

A mobile phone with virtual security framework overlay.

What the use of open banking means for identity networks

By connecting identity data from multiple sources through APIs, the open banking concept can help verify identity more reliably and improve the customer experience.

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.

What is a dictionary attack? And how you can easily stop them

A dictionary attack is a targeted form of brute force attack that runs through lists of common words, phrases, and leaked passwords to gain access to accounts.

security access / authorization / login credentials / username / password / mobile phone

8 steps to protecting login credentials

Follow this advice to help users and network admins to better protect login credentials to corporate systems.

Access control: A laptop displays an 'access granted' alert.

Protect your Windows network from excessive administrator rights

Every developer or user on your network with administrative privileges adds risk of account compromise. Review privileges and take these steps to better manage Windows network access rights.

An obscured password is displayed on a monitor.

5 best practices to secure single sign-on systems

Don't assume that SSO is inherently secure. Follow these recommendations to prevent unauthorized access due to authentication flaws.

access control / authentication / privileges / security / key

Privilege escalation explained: Why these flaws are so valuable to hackers

Attackers use privilege escalation flaws to gain access to systems and applications. Patching and monitoring are the most important ways to stop them.

Binary code data flows through the cracked seal of a vault.

John the Ripper explained: An essential password cracker for your hacker toolkit

One of the oldest password cracking and testing tools, John the Ripper is still an essential pen testing tool.

Load More
You Might Also Like