Identity and Access Management | News, how-tos, features, reviews, and videos
Getting the basics right to ensure a successful zero trust strategy
There’s usually a strict protocol for granting access to systems or data to a new employee or contractor. But there are perils in not keeping tabs on that access as that person moves around or leaves.
Assumed Breach is the third but often overlooked principle of zero trust. When we talk about adopting a “not if, but when” attitude to security, are we merely paying lip service or do we really believe and internalise it?
A recent report on the leak of classified military documents by a young US Air Force cyber specialist reveals how easily trust can be broken.
Application providers charge fees to implement single sign-on but don't deliver a full SSO experience. Threat actors are taking advantage of the situation.
Consider this advice to successfully replace a perimeter approach to security with a zero trust framework.
Zero trust is not enough. CISOs should abandon trust and focus on verifying everything from third-party tools to their teams' abilities.
Zero trust is not a product, but a security methodology based on defense-in-depth and least-privileged access concepts.
While the debate about Web3’s long-term relevance rages, the technology itself goes merrily on its way, finding ever more avenues of use. One area that is seeing interesting potential and actual developments is IAM.
As remote work blurs the line between enterprise and consumer IT, can FIDO finally fix the security usability conundrum of consumer authentication?