Identity and access management

Identity is often considered the perimeter in infosec, especially as traditional enterprise perimeters dissolve. Identity and access management is critical to maintain data security. From passwords to multifactor authentication, SSO to biometrics, get the latest advice on IAM here.

August 10, 2022 10 Aug'22
Ermetic addresses IAM weaknesses in multi-cloud environments

Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers.
August 03, 2022 03 Aug'22
Amazon CSO Steve Schmidt preaches fungible resources, MFA

In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'.
August 03, 2022 03 Aug'22
Thoma Bravo to acquire Ping Identity for $2.8B

Thoma Bravo's bid is expected to close in the fourth quarter of 2022. Ping Identity's purchase price represents a 63% premium over the vendor's closing price Tuesday.
July 26, 2022 26 Jul'22
AWS issues MFA call to action at re:Inforce 2022

To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources.

Bring yourself up to speed with our introductory content

What is identity sprawl and how can it be managed?

With identity-based attacks on the rise, organizations need to prioritize identity management. Learn about identity sprawl, why it's a risk and how it can be managed. Continue Reading
tailgating (piggybacking)

Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises. Continue Reading
segregation of duties (SoD)

Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Why 2023 is the year of passwordless authentication

Passwords may soon be relegated to the past thanks to IAM vendors' efforts to create passwordless login options. Here's why 2023 should be the year of passwordless authentication. Continue Reading
What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
Passkey vs. password: What is the difference?

Companies are turning to passkeys as a secure login for consumers. Passkeys make it more difficult for thieves to steal information, and they are also more convenient for users. Continue Reading

Learn to apply best practices and optimize your operations.

Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
Top 10 enterprise data security best practices

To protect your organization's data and prevent its misuse, incorporate these 10 data security best practices into your enterprise data security strategy. Continue Reading
How to fit customer experience security into your strategy

Most organizations overlook security in their CX strategies. However, with collaboration, personalization, CIAM controls and more, organizations can offer a secure and positive CX. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Are 14-character minimum-length passwords secure enough?

When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe. Continue Reading
Use a decentralized identity framework to reduce enterprise risk

To reduce the risk of identity theft for customers, partners and employees, companies should look at integrating a decentralized identity framework into existing infrastructure. Continue Reading
6 persistent enterprise authentication security issues

Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading