Blog posts by guest authors

Women in Identity (WID) is a global organization with a vision to develop identity solutions for everyone by everyone. It was founded in 2018 by a handful of women and has grown to more than 2000 members in 32 countries. We believe that diverse teams create better solutions, and each of us works with the identity industry to achieve this. Thanks to the KuppingerCole team who has supported WID from the beginning, we are able to host a WID Get-Together at EIC 2022 on May 12 from 16:30-17:30 followed by a track. The local WID DACH team has been working hard to put together an interesting...

Among the longstanding challenges that information security leaders have grappled with for years, one stands out: the difficulty of balancing user experience and security. The traditional tug-of-war between ease of access to business-critical applications and resources and robust protection from hackers has never been easy. Until now. The unprecedented demands that the COVID-19 pandemic have placed on IT and security teams have tested their flexibility, inventiveness and resolve. But they’ve also had a silver lining. Across industries — particularly in those that are...

Organizations around the world have been rapidly modernizing their access management infrastructures in response to increased cyber-attacks and data breaches, enactment of security and privacy regulations, and a shift to remote working. Access management modernization is quick shift away from insecure passwords, which time and again facilitate criminals to gain access to corporate networks and data. A recent survey on the Psychology of Passwords found that 59% of the respondents use the same password repeatedly, at home and in the office. The main reason behind this dangerous trend is...

When thinking about the C-suite’s priorities, people tend to focus on growth, security, digital transformation or, more recently, keeping a remote workforce running. All of these aspects are important to keep the business profitable, remain at the forefront of innovation, maintain shareholder satisfaction and ensure that employees are safe, equipped and content. Yet, there is something that underpins every one of these priorities: digital trust. And without it, every area of the business would cease to function. Digital trust is a concept no business leader can ignore today. With...

There is no single right way to do cloud-based identity and access management (IAM) services. Not only is every organization at a different place in their journey, but each will prioritize cloud benefits differently. Therefore, no matter where you are on your cloud journey, modular and integrated solutions can strengthen your identity security, help you achieve governance and a Zero Trust model, and get compliant. The cloud comes with great opportunities as well as significant dangers. When including it in your IGA strategy (of which it should be a critical element), keep identity...

The Ugly Face of Yesterday’s CIAM We all have multiple different personas. But before we put on our hats as identity “experts” -  either as architects, implementers or vendors - let us start by simply being consumers.  Consumers of online services for banking, e-commerce, education, entertainment, and more.  And by thinking as consumers, we can all tell endless stories of poor user experiences with respect to using those services. Those poor user experiences are essentially putting an invisible barrier to entry to the applications and goods we wanted to...

Zero trust and IAM from the cloud as the foundation of hybrid IT must be simple Most companies today rely on a hybrid IT infrastructure: Existing on-premise solutions are extended with flexible best-of-breed SaaS solutions. This improves flexibility and agility, but also increases the scope for cyber attacks due to the growing number of digital identities. For example, the Verizon Data Breach Investigation Report 2020 showed that attack patterns that target end-users - such as phishing and the use of stolen credentials - lead the attack rankings again. With obvious numerical sequences...

For today’s companies, IT service management is more than IT support. ITSM is about working behind the scenes to help employees to do the work that drives your business – providing a one-stop shop for service needs, upgrades, improvements, and asset management. If IGA doesn’t play a critical role in your ITSM strategy, it should. We frequently hear from customers who are looking to better align IGA and ITSM, and our conversations with the analyst firm KuppingerCole often focus on this topic as well. Simply put, it just makes sense to marry IGA and ITSM....

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There has always been friction with security and making highly specific security decisions quickly and efficiently contributes to this. Moreover, decision-making in enterprises exists on a spectrum from completely manual to completely automated. Regardless of where your organization resides on this scale,...

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology . In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to execute and install payload. Once a threat actor has infiltrated an IT network, privileges are typically needed to access resources or compromise additional identities. With privileged credentials and access obtained, a threat actor or piece of malware essentially becomes a malicious...