Identity and access management

Identity is often considered the perimeter in infosec, especially as traditional enterprise perimeters dissolve. Identity and access management is critical to maintain data security. From passwords to multifactor authentication, SSO to biometrics, get the latest advice on IAM here.

August 10, 2022 10 Aug'22
Ermetic addresses IAM weaknesses in multi-cloud environments

Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers.
August 03, 2022 03 Aug'22
Amazon CSO Steve Schmidt preaches fungible resources, MFA

In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'.
August 03, 2022 03 Aug'22
Thoma Bravo to acquire Ping Identity for $2.8B

Thoma Bravo's bid is expected to close in the fourth quarter of 2022. Ping Identity's purchase price represents a 63% premium over the vendor's closing price Tuesday.
July 26, 2022 26 Jul'22
AWS issues MFA call to action at re:Inforce 2022

To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources.

Bring yourself up to speed with our introductory content

segregation of duties (SoD)

Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. Continue Reading
random numbers

As the term suggests, a random number is a number chosen by chance -- i.e., randomly, from a set of numbers. Continue Reading
SSH2 vs. SSH1 and why SSH versions still matter

The Secure Shell protocol, SSH, was redesigned and released as SSH2 in 2006. While SSH1 lingers for legacy uses, find out how the protocols differ and why it's important. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Why 2023 is the year of passwordless authentication

Passwords may soon be relegated to the past thanks to IAM vendors' efforts to create passwordless login options. Here's why 2023 should be the year of passwordless authentication. Continue Reading
What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
Passkey vs. password: What is the difference?

Companies are turning to passkeys as a secure login for consumers. Passkeys make it more difficult for thieves to steal information, and they are also more convenient for users. Continue Reading

Learn to apply best practices and optimize your operations.

Top 10 enterprise data security best practices

To protect your organization's data and prevent its misuse, incorporate these 10 data security best practices into your enterprise data security strategy. Continue Reading
How to fit customer experience security into your strategy

Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX. Continue Reading
Are 14-character minimum-length passwords secure enough?

When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Use a decentralized identity framework to reduce enterprise risk

To reduce the risk of identity theft for customers, partners and employees, companies should look at integrating a decentralized identity framework into existing infrastructure. Continue Reading
6 persistent enterprise authentication security issues

Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading
In biometrics, security concerns span technical, legal and ethical

Biometrics are increasingly being used for enterprise security, but they are not without technical, legal and ethical concerns, which teams must address before deployment. Continue Reading