Identity Management Blog

Because identity and access management (IAM) is what we do, and all we do, we know how important it is for businesses today. In fact, it’s become so pivotal that not having it can be detrimental to an organization. Case in point: bad IAM can ruin lives--quite literally.
Read More
You have read “Do I Need an Identity API” and decided it makes sense to undertake a small, focused, Proof of Concept (POC) effort with an internal customer or business partner that has the developer resources and desire to work with you. So how do you get started?
There is a lot of talk today about the API Economy. The vision of a vast universe of distributed business services that can be knit together on the fly to fulfill a broader business purpose is slowly but surely moving towards reality. In our world, this translates into APIs that can help facilitate Identity and Access Management (IAM) functions. This is the first of a short series of posts that ...
News of the Heartbleed bug has made more headlines than Miley Cyrus this week, which in itself is a good thing, but that's not the silver lining I'm referring to. If you haven't heard about it, Heartbleed is a security vulnerability that exists in OpenSSL versions 1.0.1 through 1.0. Basically, a coding mistake made back in 2012, led to a vulnerability where an attacker could access unencrypted ...
Biometrics are nothing new to the IAM space, yet it seems that security measures like fingerprint readers and retinal scanners were reserved for highly regulated industries, the government and the movies; but all of that is changing. Advancements in consumer technology are changing the way we approach technology. MP3 players existed before the iPod, smart phones existed before the iPhone, tablets ...
A few days ago, a customer asked us if we had a document with Identity and Access Management (IAM) acronyms. This exercise made us collaborate in compiling an updated list of commonly used acronyms, which I felt would make a good contribution to the identirati.
Following my testimony before NHIN earlier this year, I have met a number of visionaries in the healthcare sector who have been deeply involved in tackling some of the hardest and somewhat quixotesque challenges facing true electronic healthcare.
For some time now, we have been talking about identity activity monitoring. I alluded to it in a previous blog post. I will elaborate on it here.
 I am just returning from a week of travel and conference activity, which start for me in Newark, NJ on Monday March 1, from there to Atlanta, GA for the HIMSS Conference 2010 (north of 25,000 attendees), and then on to San Francisco, CA on Wednesday March 3 for the last 2 days of RSA Conference 2010 (about 16,000 attendees), and then back home in NJ on Friday March 5. In all, last week was very ...
First off, I would like to would like to express my sympathy to those affected by the terrible earthquake that hit Chile this past weekend.