Loading ...
BlogInfoSec.com Sponsors
BlogInfoSec.com Partners
-
Recent Comments
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
- john doe on An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)
- Adam Shostack on PCI DSS Position on Patching May Be Unjustified
- Jens Laundrup on PCI DSS Position on Patching May Be Unjustified
- Kris on Medical Identity Theft: Your Money or Your Life
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Tag Archives: identity management
The Final Step in a Homegrown IDM Solution (pt. 3) - So, let’s start hammering
May 29, 2008 – 6:00 am
–
To recap briefly, we have identified and analyzed all our primary sources of user data and the system and service providers who consume those data. We have funding, developers, and a project plan to follow. We understand our provisioning process, have identified or built a directory of user…
In the Workshop (pt. 2) - Building an Identity Management Solution
May 7, 2008 – 6:00 am
–
When last in the workshop to build our own identity management system we laid the groundwork for a solution by identifying and analyzing our organization’s sourcing, staffing and human resources systems. Now that we know where our subjects originate and what attributes are available for them,…
Visit to the Workshop: A Do It Yourself Identity Management Solution (IdM)
April 24, 2008 – 6:00 am
–
One constraint to implementing third-party identity management solutions is cost. Once the moneychangers see the quote, particularly alongside the deployment timeline, the project is likely exiled to some corporate gulag of no return. Since you will need to conduct significant analysis,…
Building an Access Control Framework (pt. 1)
April 16, 2008 – 6:00 am
–
From what I have seen of Identity Management tools, they are more about management than identity, which is fine, once you have solved the the challenge of effectively identifying all the users of your sensitive data. But, slick as they can be, an IdM tool may only automate your existing…
Building an Access Review Compliance Framework
April 9, 2008 – 6:00 am
–
One of the major selling points for IDM vendors is that their tools will simplify your access review process. In my experience and from what I have seen offered by several of the major IDM vendors, the significant investment you would make in IDM technology, you might likely do nothing more than…
