The Identropy Blog

IAM Solutions: Mind the Gap and CYA

Posted by Luis Almeida on Oct 12, 2016 10:00:00 AM

The other day I went to visit a prospect who was evaluating vendors for a digital transformation project. The person heading up the project was a Senior Program Manager.

She was clearly very capable – one of those people who are change agents within an organization.

As soon as I walked in I could tell that she had rolled up her sleeves and was on a mission to accomplish great things.

I was impressed by her on every call we had been on, and meeting her in person just reinforced to me how capable she really was. I immediately began to worry.

Read More

Topics: IAM Program

What You Can do About Unstructured Data in Healthcare

Posted by Identropy on Sep 29, 2016 9:00:00 AM

“Gartner defines unstructured data as content that does not conform to a specific, pre-defined data model. It tends to be the human-generated and people-oriented content that does not fit neatly into database tables.”

-Darin Stewart, Gartner

When discussing the healthcare landscape, you can scarcely get past the handshake before the looming elephant of unstructured data enters the room. This uninvited guest sits in your periphery; a constant reminder about what many healthcare and IT professionals have yet to tame.

Suffice to say unstructured data – text-heavy sections of patient information and history in the realm of healthcare – still poses an issue that is untenable in most doctor offices and hospitals.

Read More

Topics: identity management advice

Neglect Leads to Risk in an IAM Program

Posted by Jeff Steadman on Sep 13, 2016 9:00:00 AM

More bad news this week coming out of the SWIFT messaging system hacks. New banks are being targeted and an unspecified number have experienced incidents. In the case of the $81 million dollar Bangladesh Bank breach, the intrusion started with a vulnerable network switch.

The bank used “second-hand networking gear” which led to the compromise. Second-hand anything in your security and networking infrastructure is probably not a great idea and not keeping infrastructure patched is a recipe for trouble.

Read More

Topics: IAM Program

Security Technology and Usable Security are 2 Different Things

Posted by Jeff Steadman on Aug 26, 2016 9:00:00 AM

Last week, I wrote a blog post about how biometric authentication on a mobile device had "leveled up" by way of the iris scanner on the new Samsung Galaxy Note 7 smartphone.

I spent this last weekend trying it out first hand and here is what I experienced.

Does it work? Yes, BUT...

  • To activate it, you have to press the power button, then you have to swipe the screen to turn on the scanner.
  • You have to hold the phone 10-12 inches from your eyes for it to recognize you.
  • You want to position yourself to avoid bright lights in the background since that can confuse the infrared scanner.
Read More

Topics: multi-step authentication

What the Olympics and an IAM Program Have in Common

Posted by Jaime Lewis-Gross on Aug 19, 2016 9:00:00 AM

What comes to mind when I picture an Olympic athlete?

  • Commitment
  • Conditioning
  • Repetition

An Olympian is committed to their specialty, continually conditioning their mind and body to optimize performance, and repeating their actions again and again to achieve as close to perfection as possible.

I liken this with preparing for an IAM implementation.

Read More

Topics: IAM Program

Simplifying IAM Planning

Posted by Luis Almeida on Aug 12, 2016 10:46:39 AM

During the early days of the Age of Exploration, it took European navigators 10 years to get past Cape Bojador in Africa.

Once they got past it, they must have all wondered why they struggled with it in the first place.

Historians blame the delay on winds, currents and legends of sea monsters.

Although conditions posed some challenge there really was no excuse for how long it took explorers to round this small cape in Northern Africa. 

When they did get past it they quickly made it to the next major geographical and psychological obstacle on the path to riches: the Cape of Good Hope.

It seems to us at Identropy that the current state of IAM is analogous to when Gil Eanes finally got around Bojador in 1434. In our view, we have rounded Bojador and there is absolutely no reason why IAM implementations should be something to fear.

Read More

Topics: IAM Program Management

[Webinar] Securing Access in a Digital Healthcare World

Posted by Identropy on Aug 10, 2016 12:23:40 PM

SailPoint and Identropy are teaming up to deliver a webinar about securing access in a digital healthcare world. 

One of our clients, Dartmouth-Hitchcock, will be presenting on challenges they faced with securing access within the organization.

Join us for this co-sponsored webinar on Thursday, August 18th at 10:00AM CT / 11:00AM ET. 

Read More

Topics: electronic healthcare

Strong Authentication: Why Iris Scanning Isn't Just for Bond Films Anymore

Posted by Jeff Steadman on Aug 5, 2016 10:05:46 AM

Anyone that knows me well is aware of my fondness for mobile technology. Basically, if it has a battery and a screen of any size, I am in.

I am also a fan of security that improves upon user experiences and IAM is one of those enablers when done right.

Read More

Topics: strong authentication

The Benefits of an Unstructured Data Governance Assessment

Posted by Luis Almeida on Jul 27, 2016 10:00:00 AM

Every time I look at my calendar and I see that a dentist appointment is coming up I tend to worry that she might find something that is going to lead me towards some type of painful procedure.

I worry and fret and then go to the doctor, and, on the rare occasions that she has told me that she’s going to have to bust out the jackhammer, I’m somewhat relieved.


Read More

Topics: access governance

Is a Cloud-Based IAM Solution Right For Me?

Posted by Luis Almeida on Jul 19, 2016 11:30:00 AM

The convergence of the IDaaS and IAM spaces is creating a lot of confusion for many of our clients.

This has a lot to do with the marketing efforts of software vendors, but it also has to do with internal confusion around the definition of identity management, business objectives around identities and strategic goals like taking one’s IT infrastructure to the cloud.

I’m going to take a stab at trying to help us think this through–and I think the best approach to determining whether the cloud is a right fit is to first understand our objectives and use cases.

Read More

Topics: Cloud Identity

Subscribe by Email