Identity Management Blog

How Can Machine Learning and Identity Management Contribute to your Cyber Security Program?
Read More
As we enter the age of biometric security, previously impossible feats are now child’s play. Security measures began with a passcode, then progressed to a fingerprint scanner, and, most recently, an iris scanner on the Galaxy Note 7. All of these efforts were to thwart both hackers and attackers from accessing sensitive business information and data. A recent roll-out by Mastercard has shown next ...
When working with passwords, many times people in the industry use the terms encryption, passwords, hashing and encoding interchangeably--but in reality, they are quite different. There's a time and a place to use each. 
SailPoint’s 2016 Market Pulse survey, conducted by Vanson Bourne, has shown startling results in terms of weak security practices and poor password hygiene.  Of the 1,000 survey respondents, who spanned across the globe from a variety of industries, 1 in 5 would sell their passwords to a third-party organization and a staggering 44% would do it for less than $1,000.
What could we be talking about with a headline as salacious as that? The answer of course is P@$$w0rds! I think it is always a healthy exercise to go back to the basics. I wanted to review some of the best practices for password management.  Consider queuing up a communication to your user base on best practices for selecting and managing their passwords.
We have all had to answer security questions for online banking, email, social media websites and the like. “What was your first pet’s name?” “What was the name of your best friend in the 1st grade?” “What is your favorite flavor of ice cream?” But what is the true purpose of these questions? When users need to reset their password, we have to rely on other methods to verify they are who they say ...
News of the Heartbleed bug has made more headlines than Miley Cyrus this week, which in itself is a good thing, but that's not the silver lining I'm referring to. If you haven't heard about it, Heartbleed is a security vulnerability that exists in OpenSSL versions 1.0.1 through 1.0. Basically, a coding mistake made back in 2012, led to a vulnerability where an attacker could access unencrypted ...
"It's a mystery. Broken into a jigsaw puzzle. Wrapped in a conundrum. Hidden in a Chinese box. A riddle." - The Riddler, The Long Halloween
Wired has the kind of article that will make all of us leading highly digitized lives (is that the right term?) wake up in a cold sweat. While the title - How Apple and Amazon Security Flaws Led to My Epic Hacking - may strike many as sensationalist, the article does a good job of showing just how the rappel ropes of our digital lives have mushroomed into a beast that we can't manage or hardly ...