If a company works with very few applications, user repositories would have to be mapped individually for each application. Every new user needs to be validated with each individual user directories to be able to access the respective protected application. This means that the same user has to log in separately every time he/she wants to use each application on the network. The inefficiency of this model was reduced greatly with the advent of Active Directory and LDAP.
A significant number of identity and access management solutions have the need to work with Active Directory as the repository of user information against which access is verified. Active Directory generally controls user identity and access permissions to everything from files, networks, and servers, to on-premise and cloud applications. However, integrating an Active Directory or LDAP with on-premise and cloud applications require third-party agents to be installed on your network.
Continue reading Can you Trust the Agent on your Active Directory?
Identity management encompasses several operational mechanisms for managing users across a large system or network of applications. Two of the most prominent of those are Single Sign-on (SSO) and Federated Identity Management. Due to its evolving nature, identity and access management has several terms thrown around ambiguously. Even among developers, major differences are often missed while talking about federated identity and SSO. In this article, we aim to break down the difference between the two.
Continue reading IAM using SSO and Federated Identity Management
An Identity and Access Management (IAM) solution allows organizations to manage user access to critical data. It is an intermediate layer between your users and your applications/data.
Deploying an IAM solution a proven way to improve network security in an organization. A good IAM solution should also reduce the time spent by your IT team to grant access for individual applications, thereby improving architectural simplicity and reducing the load on your servers. This also means that your users have to remember only one set of credentials to access several applications in your on-premise or cloud network.
Continue reading Cloud Security 101: Identity and Access Management
Google Cloud Platform (GCP) IAM comes as a free service that is available by default to all users of the Google Cloud Platform. GCP IAM is Google’s identity management console, enabling administrators of organizations to manage access and permissions provided to employees across the range of applications and resources that come as part of the Google Cloud Platform. The main function of the IAM is to grant specific users/roles with access to specific GCP resources and prevent unwanted access to other resources.
The fundamental building block of GCP IAM is an IAM Policy which answers the question of who (identity) has what access (role) to which data or applications (resource). This IAM Policy is made up of permissions, bundled into roles and matched by identities.
Let’s take a closer look at the concepts of identity, role, and resource as defined by GCP IAM, which make it a useful IAM solution.
Continue reading Meet GCP IAM: The Identity and Access Management Solution from Google
Security and privacy of user data are crucial for any organization and is also a major area of risk. So a Secure and Efficient Authentication (SEA) is very important.
How do you make authentication secure and efficient? Let me share some insights on how this can be achieved through certificate-based authentication…
Continue reading Secure and Efficient Certificate-Based Authentication
Most IAM tools utilize browser extensions or applications installed on the end-user’s machine, or on an Active Directory, for access to identity. But why?! A user can be identified even without an agent – so having an so-called ‘lightweight agent’ sitting in your Active Directory itself is not the most secure way to manage user identity.
Whenever you create a dependency to achieve a particular solution, it is important to ensure the solution is 100% secure and that applies for the dependencies (Agents) too. This could make the architecture slightly complicated, depending on how it works.
Continue reading Does your IAM solution really need an Agent?
As per a survey by Forrester Research (Forrester Consulting Thought Leadership Paper, February 2017), in the last 4 years, out of every three organizations, two have had an average of at least 5 breaches. There are nearly 6 billion data records that were stolen and lost in the past 10 years. According to www.breachlevelindex.com, an average of 165,000 records are compromised every hour. According to this article published on www.csoonline.com, global cybercrime related damage is expected to exceed US$ 6 trillion annually by the year 2021.
Continue reading Is Your Data Secure? No…
At most enterprises, data centers are a repository of information contained within a network of servers from where data is transmitted to other touch points for processing. While these data centers could be cloud-based or on-premise, the security of such business-critical data is of paramount importance.
There could be several vulnerabilities in your network in the form of entry points that seem like they can be ignored. While there are several measures you can implement to physically secure your data center, it takes a lot more to secure remote or even on-premise servers from virtual attacks. An effective data center security solution will allow you to intuitively monitor all the entry points for possible attacks and ensure that you are protected against any breach.
Continue reading Protecting Your Vault: Safeguard your Data Center with an IAM Solution
What is SCIM?
The System for Cross-domain Identity Management (SCIM) is an open standard specification, designed to make user management easy. It essentially allows admins of cloud and on-premise networks to move users in and out of their systems quickly and easily. The system builds on inputs from existing user management schemas and allows the integration of powerful authentication models. It uses a common user schema in coordination with an extension model which allows for seamless migration of user data between different nodes of the system.
Continue reading Secure and Easy User Management: SCIM through the Fundamentals
Cloud technology has broken several operational barriers to make remote data access easy. It allows you to scale your business with minimal cost while securely holding business-critical data and applications. But with all these advantages comes a catch – managing personnel access for all the applications and files in your network has become increasingly cumbersome. Continue reading How an Identity and Access Management Solution Can Help Your Data Driven Business