Blog posts by guest authors

The Ugly Face of Yesterday’s CIAM We all have multiple different personas. But before we put on our hats as identity “experts” -  either as architects, implementers or vendors - let us start by simply being consumers.  Consumers of online services for banking, e-commerce, education, entertainment, and more.  And by thinking as consumers, we can all tell endless stories of poor user experiences with respect to using those services. Those poor user experiences are essentially putting an invisible barrier to entry to the applications and goods we wanted to...

Zero trust and IAM from the cloud as the foundation of hybrid IT must be simple Most companies today rely on a hybrid IT infrastructure: Existing on-premise solutions are extended with flexible best-of-breed SaaS solutions. This improves flexibility and agility, but also increases the scope for cyber attacks due to the growing number of digital identities. For example, the Verizon Data Breach Investigation Report 2020 showed that attack patterns that target end-users - such as phishing and the use of stolen credentials - lead the attack rankings again. With obvious numerical sequences...

For today’s companies, IT service management is more than IT support. ITSM is about working behind the scenes to help employees to do the work that drives your business – providing a one-stop shop for service needs, upgrades, improvements, and asset management. If IGA doesn’t play a critical role in your ITSM strategy, it should. We frequently hear from customers who are looking to better align IGA and ITSM, and our conversations with the analyst firm KuppingerCole often focus on this topic as well. Simply put, it just makes sense to marry IGA and ITSM....

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There has always been friction with security and making highly specific security decisions quickly and efficiently contributes to this. Moreover, decision-making in enterprises exists on a spectrum from completely manual to completely automated. Regardless of where your organization resides on this scale,...

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology . In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to execute and install payload. Once a threat actor has infiltrated an IT network, privileges are typically needed to access resources or compromise additional identities. With privileged credentials and access obtained, a threat actor or piece of malware essentially becomes a malicious...

Privileged Access Management (PAM) software comes in many forms. Some are heavy with software components (the thick client model) while others are leaner (the thin client model). Since we at SSH.COM are firm believers in the thin client model, I wanted to present five solid reasons why this is the case. 1. No constant cycle of installing, patching and configuring agents Thick clients require that you have to install agents on the client - and usually on the server as well. Moreover, you need to ensure that those agents are always up-to-date, patched and compatible with the...

Before there were PAM solutions everyone was given access to privileged accounts with little regard or control as to who had access to them, when they had access and what they did with that access. As security breaches started to rise and compliance regulations were written it was obvious that manual processes and home-grown approaches to manage privileged access weren't enough to secure your organization. First PAM solutions solved issues but were too inflexible That's when privileged management solutions popped up in the market. There were solutions for password management and...

When it’s “business as usual”, it seems strange to think about disruptions and disasters. With competing priorities and the pressure of everyday demands, planning for worst-case scenarios can feel alarmist and macabre. But as anyone experienced in disaster preparedness will tell you, the best time to prepare for unexpected disruptions to your business is before they happen. And in today’s digital workplace, the ability to support remote employees and ensure secure access to work resources is an essential component of a business continuity plan. Why a business...

To maintain competitive advantage, digital transformation is no longer a choice – it’s an imperative. The rapid shift to the cloud and as-a-service models has enabled organizations to offer more digital services and applications across a wider range of devices for their workforce and customers. In this increasingly connected world, managing digital identities and access in a secure and adaptable way is critical and needs to play an important role in your business strategy. Implementing identity services piecemeal every time you roll out a new digital service is expensive,...

Data, a massive amount of data, seems to be the holy grail in building more sophisticated AI’s, creating human-like chatbots and selling more products. But is more data actually better? With GDPR significantly limiting the way we generate intelligence through collecting personally identifiable data, what is next? How can we create a specific understanding of our customers to exceed their expectations and needs with less data? Many of us collect anything we can get our hands on from personal information, behavioral data, to “soft” data that one might run through a...