What we Can Learn from the SolarWinds Supply Chain Breach
How could elite security vendor and incident responder FireEye so easily succumb to Solorigate, a state-sponsored supply chain breach of unparalleled magnitude? You should be asking yourselves this question as well as: Is your organization also vulnerable to the SolarWinds… Continue reading
Directory Migration Services
The Challenges With Legacy Directory Services
Organizations around the world pursuing Zero Trust, Cloud Security, and Digital Business initiatives are now constrained by IAM and customer IAM (CIAM) solutions built on decades-old LDAP directory services. These older directories aren’t designed… Continue reading
Audit Active Directory to Reduce Risks from Privileged Users (webcast)
Do you think that Active Directory privileged management practices may pose risks to your organization? If so, please register for my webcast on September 12!
Mastering Hybrid Active Directory Auditing Webinar: June 11
Hybrid Active Directory Auditing seems like a topic no one is covering – until now! Please sign up with BeyondTrust for my June 11, 2019 | 1:00 PM – 2:00 PM ET webinar to learn more.
All too often… Continue reading
Active Directory Audit: Why and How
Why is 1:00 PM EST March 26 important? That’s when I’ll be presenting an Active Directory Audit webinar. The figure below features some of the issues I’ll be covering that motivate audit. A brief description of the webinar follows.… Continue reading
Active Directory Security Risk Factors and What to Do About Them (Part 2)
Active Directory security threats are increasing per part 1 of this post, and organizations must deploy an array of preventative, procedural, and detection controls to avoid becoming one of the next victims.
The AD protection matrix above depicts a… Continue reading
Active Directory Security Risk Factors and What to Do About Them (Part 1)
Active Directory security is a critical infrastructure issue for almost all large global organizations, including those using identity-as-a-service (IDaaS) solutions. IDaaS deployments frequently synchronize cloud-based directory accounts or passwords from the premise-based AD installation. Or, even if the IDaaS (e.g.,… Continue reading
Announcing New Partner, Webinar, and Going to IdentiVerse
In June doings for Security Architects Partners – it’s a busy month! We’re excited for Identiverse where I’ll be attending in my role of free lance KuppingerCole analyst. The figure below says it all; contact us if you’d like… Continue reading
The Second Golden Age of Identity
We are now in the second golden age of identity and access management (IAM). Mobile devices, cloud computing, social networks, Big Data, and the Internet of Things (IoT) require radically improved capabilities. They are driving rapid innovation in IAM standards,… Continue reading
Sony Hack: Just Another Privilege Escalation?
Concerning Sony, Sanjay Tandon writes that, “in all likelihood, what happened here is that malicious perpetrators gained administrative access within Sony’s network, and used it to obtain access to whatever they wished to obtain access.” In his Cyber… Continue reading