The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
At a time when workers use more apps than ever to do their jobs - and from more locations and devices than ever - traditional IAM is simply not sufficient, says David Meyer of OneLogin. Cloud-Based IAM is what organizations truly need.
Healthcare is in the middle of a major evolution toward digital, personalized medicine and the empowered patient. Ongoing regulatory and monetary incentive programs are driving healthcare providers to increase their EHR and E-Prescribing adoption. Additionally, the U.S. Office of the National Coordinator for Health...
A watchdog agency's audit of the Department of Veterans Affairs makes nearly three dozen recommendations for how the VA should address "material weakness" in its information security program. The VA's CIO tells Congress all the issues raised will be addressed by the end of next year.
Best practice for the use and management of privileged accounts
is a topic that even experienced IT professionals find
complicated.
IT professionals need to ensure that important maintenance
and management tasks can be completed in a timely
manner, so they often share the passwords
for very powerful accounts...
Effectively managing privileged accounts (sometimes called
superuser accounts) is becoming more and more critical as
security and compliance emerge as the driving forces behind
most IT initiatives. Unfortunately, native tools and manual
practices for privileged account management are proving to be
inadequate for...
The world of identity and access management (IAM) is one
of constant change, shrinking deadlines, minuscule budgets,
overtaxed staff and unmerciful regulations. Unfortunately,
this historical approach to IAM involves piecing together "half
solutions" in hope that tomorrow's solutions will address real
world...
For many organizations, compliance with data security
standards doesn't seem to be getting easier. Although HIPAA represents
only a portion of the data security compliance obligations
faced by most organizations handling healthcare data, it
is one of the most significant.
Achieving and proving your
compliance...
One of the most important aspects of an identity and
access management (IAM) program is the securing,
management and governance of the accounts belonging
to superusers - privileged accounts.
These superuser
accounts require access management - ensuring that
admins have the access they need to do their job -...
For many organizations, compliance with data security standards doesn't seem to be getting easier. Although Sarbanes-Oxley Act (SOX) represents only a portion of the total scope
of compliance obligations faced by most organizations, it
is a critical piece of the compliance challenge.
Achieving
and proving your...
Privileged accounts are a necessity in any enterprise IT
environment, since they enable administrators to manage
the environment. But as news reports constantly remind
us, granting privileged access increases the risk of a security
breach, no matter what industry your organization represents.
However, your...
A new layer of security in organizations, focused specifically on the protection and management
of identities, is a critical new requirement in efforts to stem the tide of breaches. Of these identities, none are so
critical as those belonging to privileged users.
Malicious users predictably follow a logical...
The Internal Revenue Service has temporarily deactivated an online PIN-retrieval tool meant to prevent stolen Social Security numbers from being used to file fraudulent returns after finding that hackers had successfully subverted the system.
Blockchain technology used by bitcoin and other cryptocurrencies offers opportunities for enhanced authentication and ID management, as well as cross-border money remittances, says Ben Knieff of the consultancy Aite. But he contends it's not clear that the technology could play a role in faster payments.
More cybercriminals are adapting their attack techniques, using compromised credentials linked to privileged accounts to invade networks and systems, according to researchers at Dell SecureWorks, who describe an open source solution that can help mitigate the threat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.