Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Complete Guide to Identity and Access Management (IAM)

With the rising trend of digitization, major companies like Airbnb, Microsoft and Twitter are staying out of the office, moving processes online and allowing employees the option to work from home. Organizations are adopting remote and hybrid working models. As a result, many people are spending more than double the amount of time online as they did pre-pandemic.

The Role of IAM in Maintaining Cloud Security

Cloud computing is an effective solution for large and small companies across every industry. There has been rapid adoption due in large part to its accessibility, flexibility, and reliability. The cloud environment brings a significant amount of benefits, but at the same time, it can expose businesses to various alarming cybersecurity risks. A study conducted by Thales and 451 Research revealed that 40% of respondents have experienced a data breach within their cloud environments.

What is MFA (Multi-Factor Authentication)? Learn How it Works

Multi-factor authentication (MFA) is an authentication method that requires at least two forms of verification of the user’s identity to gain access to an account, application, or data set. Instead of needing just a username and password to log in, MFA adds additional layers of security by requiring users to verify their identity. Each additional verification method can prevent unauthorized access from cybercriminals or hackers from executing a successful cyber attack.

Is Credential Sharing the Weakest Link in Your Security Strategy?

You might think that the majority of cybersecurity breaches result from carefully planned and executed attacks. You may imagine hackers expertly crafting phishing emails to con employees into giving away access to critical systems, for example, or planting state-of-the-art malware on victims' servers. The reality – as Zenity co-founder and CTO Michael Bargury explains in his most recent Dark Reading column – is less interesting, and perhaps more worrying.

[PAM Masterclass] Episode 3: Mastering remote password management

In this latest episode of the PAM masterclass, we'll explore the remote password management capabilities of ManageEngine's PAM suite. We will also learn to generate strong and unique passwords that comply with built-in and custom policies, and automatically reset passwords of your remote resources. Key takeaways.

How to create a continuous lifecycle for your IT Policy Management

If your organization is having trouble creating policies, I hope that this blog post will help you set a clear path. We’ll discuss setting up your organization up for success by ensuring that you do not treat your policies as a “do once and forget” project. Many organizations I have worked with have done that, but later realized good policy lifecycle is required, and a pillar of good governance.

Using Rego as a generic policy language

Policies have a vital role in every organization, but can mean a lot of different things depending on the context. For our purposes, a policy refers to the principles or ideas that an organization uses to make decisions. In this post, we’ll discuss Open Policy Agent (OPA) and its rule language, Rego, highlighting how we can use them to write a simple policy for a payroll microservice.

Centralized Log Management for Access Monitoring

You’re reading the handwriting on the wall. Your company expanded its cloud infrastructure over the last few years, adding more and more Software-as-a-Service (SaaS) applications to its stack in response to remote work. Like 86% of other companies, you expect that this will continue at the same or an accelerated pace. In response to these IT changes, new laws and industry standards expect you to move toward a zero trust architecture.

What is Privileged Access Management (PAM)?

Privileged account management is the process of identifying, controlling and monitoring privileged accounts and their associated activity. Privileged accounts are typically high-level administrator accounts that have broad access rights across an organisation’s IT systems. Because of their elevated level of access, these accounts pose a significant risk if they were to fall into the wrong hands.