Identity Management Blog

Anyone following me on Twitter is well aware of my stance on AddressBookGate. While the tech world's initial outrage was being directed at Path, I felt that a more balanced conversation would also lay some culpability at the feet of Apple and other API platforms that were exposing data to applications like Path without any controls in the first place.
Read More
I was recently asked to comment on the top 5 ways to protect yourself (as an individual) when using the cloud. Obviously I brought a very identity-centric slant to it, but it was an interesting exercise as I tried to put down on paper (!) the steps I take to protect myself daily. I thought it would be worthwhile to share what I put together with the broader community, and get your take on ...
It was an interesting weekend, to say the least. I've never had to prepare for a hurricane before, so going through the exercise was a revelation in so many ways. You discover what you consider really "valuable" (like when I actually packed my external hard drive that has 10 years worth of digital images and home videos alongside our passports and insurance policies, despite it being backed up ...
Last week, I attended ArcSight’s Protect 10 User Conference, and just like last year, it was an exciting and informative event.  Without a doubt, HP’s acquisition of ArcSight brought more excitement to this event this year.
The recent acquisition of ArcSight by HP for $1.5B announced this past Monday inspired me to write this blog article (writer’s block is a thing of the past with all of these announcements).  It is exciting to see all of this activity in the information security industry, particularly after an intense prior week in the strong authentication arena.
After reading very interesting posts by Earl Perkins at Gartner, an article from Deloitte on financial institutions making Identity and Access Management (IAM) their #1 priority, and my friend Nishant Kaushik's recent series on Federated Provisioning and the Cloud, which is brilliant and thought provoking (nicely done Nishant); I felt compelled to chime in.
For some time now, we have been talking about identity activity monitoring. I alluded to it in a previous blog post. I will elaborate on it here.
First off, I would like to would like to express my sympathy to those affected by the terrible earthquake that hit Chile this past weekend.
In part 1 of this 2-part piece I introduced and defined some of the terms relating to identity assurance. In this last piece I intend to illustrate identity assurance's intersection with real-life through some examples.
In this 2-part article, I hope to explain the importance of identity assurance in everyday life. I will first level set on terms and definitions in part 1, and then illustrate with real-life examples in part 2.