Identity and access management

Identity is often considered the perimeter in infosec, especially as traditional enterprise perimeters dissolve. Identity and access management is critical to maintain data security. From passwords to multifactor authentication, SSO to biometrics, get the latest advice on IAM here.

June 23, 2022 23 Jun'22
Access management issues may create security holes

Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches.
June 15, 2022 15 Jun'22
Microsoft takes months to fix critical Azure Synapse bug

Orca Security discovered that inadequate tenant separation in Microsoft's Azure Synapse service could allow a threat actor to steal credentials from thousands of customers.
June 08, 2022 08 Jun'22
SANS lists bad backups, cloud abuse as top cyberthreats

A panel of experts from the SANS Institute took the stage at RSA Conference 2022 to weigh in on some of the biggest threats and risks facing security teams.
June 07, 2022 07 Jun'22
Microsoft details zero-trust transition, challenges

Over the past three years, Microsoft has moved to a zero-trust framework. Security engineers outlined the transition and its challenges during a session at RSA Conference 2022.

Bring yourself up to speed with our introductory content

X.509 certificate

An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate. Continue Reading
acceptable use policy (AUP)

An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network, the internet or other resources. Continue Reading
3 types of PKI certificates and their use cases

Public key infrastructure helps authenticate senders via cryptography and digital certificates. Learn about three types of PKI certificates and their use cases. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Apple, Microsoft, Google expand FIDO2 passwordless support

Achieving true passwordless experiences begins with companies working together to adopt standards that enable customers to use multiple devices seamlessly, regardless of OS. Continue Reading
How secure are one-time passwords from attacks?

Adding an additional authentication layer makes it harder for attackers to get into accounts, but not all authentication factors are equal -- especially when it comes to OTPs. Continue Reading
Top 3 Web3 security and business risks

The third iteration of the internet is quickly coming to fruition. With Web3 comes an evolution in business risks, however, as well as susceptibility to traditional risks. Continue Reading

Learn to apply best practices and optimize your operations.

How to fit customer experience security into your strategy

Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX. Continue Reading
Are 14-character minimum-length passwords secure enough?

When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe. Continue Reading
Improve Azure storage security with access control tutorial

These step-by-step guidelines detail how to grant limited access in Microsoft Azure storage. This best practice helps keep storage secure from internal and external threats. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Use a decentralized identity framework to reduce enterprise risk

To reduce the risk of identity theft for customers, partners and employees, companies should look at integrating a decentralized identity framework into existing infrastructure. Continue Reading
6 persistent enterprise authentication security issues

Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading
In biometrics, security concerns span technical, legal and ethical

Biometrics are increasingly being used for enterprise security, but they are not without technical, legal and ethical concerns, which teams must address before deployment. Continue Reading