The Hub

Granting access to a user is an exercise in trust. This is why information security best practices preach following the principle of “least privilege” to mitigate the risk of trusting a user. But even when we give a user exactly and only the right privileges to do their jobs, we are still trusting them with those privileges and expecting them to use them for the right things. An important part of trusting a user has been to determine whether that trust has been misplaced. Traditionally, this determination has been carried about by logging user behavior and aggregating it for consumption by ...
Read More
I’m on the road again, sitting in a club lounge at O’Hare airport. It’s another typical Tuesday late morning with a decent number of people busy typing (or in some case hunting and pecking) through emails. With that setting here is a recap of a scenario that has just played out just a few feet from me:
I’ve always heard that no two snowflakes are exactly alike. I don’t know if this is true, but I’m willing to accept it as a fact. No two clients are identical; they all have different IAM needs, target systems, processes and procedures. No two IAM implementations will ever be alike, but if we consider this situation with an open mind we will see that in the early stages of an IAM implementation ...
Pokemon Go has taken the world by storm.  There are currently more Pokemon Go users than Twitter users in America. Pokemon Go has been out in the U.S. for 7 days. Let that sink in for a second. It took 7 days for an application to have more users than Twitter in America.  As big an event as it is, the launch has been troubled by numerous issues. Two of the most prominent are:
Since its inception, Identropy has had a love affair with innovation. We’ve always encouraged Identropians to challenge why things are done in a specific way, and to tinker with new tech to find smart ways to tackle hard problems. That has served us well, and has resulted in many successes (and many failures as well!) in the IAM field, including the development of the industry's first Managed IAM ...
It’s been shown that the security baseline of yesteryear is far from sufficient; in fact, even the binary identity and access management (IAM) approach fails to provide the proper level of security to protect important data.
When you think of companies being hacked, which are some of the first that come to mind that are most vulnerable to hacker attacks? We may be quick to point the finger at big corporations, but it’s not just them that are being targeted--small companies are just as viable to hackers, or “the bad guys.” This should come as no surprise. Last year’s Duke University/CFO Magazine Global Business ...
The stuff of nightmares is no longer the boogeyman or Bloody Mary--it’s mutated into hackers, thieves and crooks. An article from theguardian shows how a known hack dated back to 2014 is still very much in motion. All they need is your phone number, and nothing else. Regardless of carrier, with no remedy besides turning your phone off, this hack uses Signaling System No. 7 (SS7), a network ...
Everyone loves a game of Monopoly, right? That is, unless the odds are turned against you, and suddenly your nemesis has acquired Boardwalk and all the Railroads after 5+ hours of gameplay. It’s happened all too often. It’s difficult to turn the game in your favor when this occurs--mainly because having the right strategy and gameplan, and being able to deal with chance, is the linchpin to ...
Because identity and access management (IAM) is what we do, and all we do, we know how important it is for businesses today. In fact, it’s become so pivotal that not having it can be detrimental to an organization. Case in point: bad IAM can ruin lives--quite literally.