Quantcast
Channel: Security Catalyst
Browsing all 117 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

Into the Breach – Audio Series – Chapter 12 (Final Thoughts: Courage to Act)

Welcome to the continuation of the Into the Breach: Protect Your Business by Managing People, Information and Risk audio series. (Click this link) to learn more about this how this book solves...

View Article



Memo from users: educate, but don’t embarrass us

The moment we judge someone, we forfeit the ability to help. Seems like a lot of what is being promulgated in so-called “security awareness” today is nothing short of berating people with a list of...

View Article

Why people are not the problem in security and where to look (hint: grab a...

Do not put your faith in what statistics say until you have carefully considered what they do not say.  ~William W. Watt Over the last few years, we have been presented a series of reports, complete...

View Article

Image may be NSFW.
Clik here to view.

Why the definition of security awareness matters

Your paradigm is so intrinsic to your mental process that you are hardly aware of its existence, until you try to communicate with someone with a different paradigm. ~ Donella Meadows Considering the...

View Article

Image may be NSFW.
Clik here to view.

Identity Management Series – Vacancy Management and Hierarchies Part 1:...

So far in this series on identity management, the focus has been on activities and cleanups for data that is ultimately handled by identity manager. Now we shift the lens to focus on an element of role...

View Article


Vacancy Management and Hierarchies Part 2: Line Management Hierarchy

In this month’s Introduction, three hierarchies were introduced. We continue the series discussing the first of those: line management. The line management hierarchy is the most common of the...

View Article

Image may be NSFW.
Clik here to view.

Vacancy Management and Hierarchies Part 3: Data/Access Ownership

How often has a customer sat waiting on an access request, only to discover that it was delayed because the approver left the company and there was no replacement? This is an all-too-common scenario,...

View Article

Vacancy Management and Hierarchies Part 4: Cost Center Ownership

I once talked to a finance manager and asked her why her group couldn’t produce an accurate list of cost center owners. Her response was simple, “I would love to have an updated list, but no one ever...

View Article


Vacancy Management and Hierarchies Part 5: Wrapping Up

This month we focused on vacancy management, shifting from the functions of identity manager to role manager. Vacancy management is difficult to control manually – in many cases an approval or...

View Article


Image may be NSFW.
Clik here to view.

What a shopping carts reveals about security awareness

Tokens, Shopping Carts and Security Awareness What can grocery-shopping carts teach us about building security awareness that works to influence behavior change? Turns out perhaps more than imagined....

View Article

Identity Management Series – Workflows Part 1: Introduction

We started developing workflows in last month’s activity to manage vacancies. Relatively speaking, vacancy management workflows are comparatively simple and provide business-relevant quick-wins,...

View Article

Identity Management Series – Workflows Part 2: Provisioning and Deprovisioning

In this month’s Introduction, three workflow sets were introduced: Provisioning and deprovisioning (which I abbreviate as de/provisioning) Non-employee management User or access recertification This...

View Article

Identity Management Series – Workflows Part 3: Non-Employee Management

In the previous segment, we worked through the de/provisioning workflows. These are foundational to the non-employee management workflows in that a key objective of the non-employee management...

View Article


Identity Management Series – Workflows Part 4: User/access recertification

In the previous segment, we worked through the non-employee management workflows. These are a special-case of user recertification and relatively less complex, making them a good place to start. Having...

View Article

Identity Management Series – Workflows Part 5: Wrapping Up

This month, we focused on one of the key functionalities of identity management – workflows. Specifically, Provisioning and deprovisioning (which I abbreviate as de/provisioning) Non-employee...

View Article


Identity Management Series – Termination and Transfer Gotchas Part 1:...

In the previous series, we started prepping for the key workflows that make an IAM implementation worth the cost and effort. Implementing workflows effectively is critical to achieving the desired...

View Article

Identity Management Series – Termination and Transfer Gotchas Part 2:...

In the first segment, we looked at one extreme of transfers – a job change entailing a move between HR systems. In this segment, we’ll look at the other extreme of transfers – a job change that...

View Article


Identity Management Series – Termination and Transfer Gotchas Part 3:...

In the previous segments, we focused on special-case transfers that may be hard to recognize. At the macro level, when a user transfers between HR systems, a legitimate transfer can be mistaken for a...

View Article

Image may be NSFW.
Clik here to view.

7 Sources of Data Breaches You’ll Never Hear About: Your Phone

Smart phones are now portable computers which just happen to make calls. Licensed from Stock Exchange. This post is the first in a series about preventable data breaches. Most Americans have received a...

View Article

Image may be NSFW.
Clik here to view.

7 Sources of Data Breaches You’ll Never Hear About: Your Browser

Your Stored Passwords: Not exactly secured. Licensed from Stock Exchange. This post is the second in a series about data breaches you can prevent. We’ve already covered Phones and Personal Computing...

View Article
Browsing all 117 articles
Browse latest View live


Latest Images