Access your Pro+ Content below.
Is your identity management up to the task?
This article is part of the Information Security issue of August 2019, Vol. 20, No. 3
Hackers seeking a way into enterprise IT networks continue to target what is typically the weakest link in the cybersecurity chain: end users. This has made identity management capabilities a pillar of modern companies' cybersecurity strategy, as the ability to restrict access to legitimate users based on digital identities has become essential to protecting systems and data. An identity management frameworks help enterprises control user access to critical information. Administrators can regulate individual access to systems, networks and data based on the users' role in the enterprise. The goal is to keep vulnerable information, applications and resources safe by only allowing those with appropriate administrative duties access to them. It is vital that company leaders remember the management part, however. The mobile workforce, cloud computing and IoT continue to disrupt businesses' IT processes. More devices and services require the development of increasingly complex frameworks outlining specific access privileges ...
Features in this issue
IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets.
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues.
Whatever an organization's culture, effective use of a security framework requires understanding business goals and program metrics, and demands leadership communication.
News in this issue
IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle.
Columns in this issue
For boards of directors to meet their business goals, CISOs need a seat at the table. Through her initiative BoardSuited, Joyce Brocaglia aims to pave the way.
The most critical skills that cybersecurity lacks -- like leadership buy-in, people skills and the ability to communicate -- are not the ones you hear about. That needs to change.