An Identity and Access Management (IAM) solution allows organizations to manage user access to critical data. It is an intermediate layer between your users and your applications/data.
Deploying an IAM solution a proven way to improve network security in an organization. A good IAM solution should also reduce the time spent by your IT team to grant access for individual applications, thereby improving architectural simplicity and reducing the load on your servers. This also means that your users have to remember only one set of credentials to access several applications in your on-premise or cloud network.
Continue reading Cloud Security 101: Identity and Access Management
Apart from data security, data privacy represents a major area of concern in IT security today. When it comes to data privacy, all organizations are very particular about where and how their company data is being saved, and who has access to it.
This is also related to one of the major reasons why organizations still hesitate to move their data to the cloud – “who else has access to my data if I move to cloud?” Even though almost every IaaS and PaaS provider tries to build confidence in their clients through certifications by authorized agencies, many enterprises are still not convinced. The reason is that there are still areas that lack transparency, where details on their data privacy are not clearly explained and conveyed to them.
Continue reading Dedicated servers for unmatched transparency in data privacy
Google Cloud Platform (GCP) IAM comes as a free service that is available by default to all users of the Google Cloud Platform. GCP IAM is Google’s identity management console, enabling administrators of organizations to manage access and permissions provided to employees across the range of applications and resources that come as part of the Google Cloud Platform. The main function of the IAM is to grant specific users/roles with access to specific GCP resources and prevent unwanted access to other resources.
The fundamental building block of GCP IAM is an IAM Policy which answers the question of who (identity) has what access (role) to which data or applications (resource). This IAM Policy is made up of permissions, bundled into roles and matched by identities.
Let’s take a closer look at the concepts of identity, role, and resource as defined by GCP IAM, which make it a useful IAM solution.
Continue reading Meet GCP IAM: The Identity and Access Management Solution from Google
Security and privacy of user data are crucial for any organization and is also a major area of risk. So a Secure and Efficient Authentication (SEA) is very important.
How do you make authentication secure and efficient? Let me share some insights on how this can be achieved through certificate-based authentication…
Continue reading Secure and Efficient Certificate-Based Authentication
Migration to the cloud is no longer an emerging trend. It is now a well-established method of running the operations of a business. With the cloud, you can manage data and applications in a secure environment and ensure that your users face virtually no latency while using your applications. But although the cloud comes with a basic framework for security, it still has its inherent security risks which need highly specific cloud security solutions
to reliably protect your data.
To understand the need for implementing an effective cloud security solution, a deeper understanding of what causes and constitutes a cloud security threat is important.
Continue reading Cloud Security Solutions – Why do you need them?
Most IAM tools utilize browser extensions or applications installed on the end-user’s machine, or on an Active Directory, for access to identity. But why?! A user can be identified even without an agent – so having an so-called ‘lightweight agent’ sitting in your Active Directory itself is not the most secure way to manage user identity.
Whenever you create a dependency to achieve a particular solution, it is important to ensure the solution is 100% secure and that applies for the dependencies (Agents) too. This could make the architecture slightly complicated, depending on how it works.
Continue reading Does your IAM solution really need an Agent?
Whether or not you know what it is called, you have likely used 2FA at least once in your life online.
Remember the time you tried logging into your email account from a new device and your email service provider sent you an SMS with a PIN (OTP), to re-validate that it was actually you attempting to login? You would have been allowed access to your inbox only after you entered the correct OTP.
Or the time you tried to transfer money to someone through internet banking. Even though you already entered your customer ID and password, your bank’s application would want to make sure that someone else hadn’t stolen your credentials. They do this by sending you an email with a PIN or a link to click on, for additional validation.
Continue reading The What, Why and How of Two-factor Authentication (2FA): Decoded
Akku is a great way to control and authenticate communication channels for any enterprise.
One of the biggest threats to any organization is the possibility of a data breach, which can result in loss of data, loss of trust, and ultimately, loss of growth of the business. This makes data security a critical aspect to consider in any enterprise.
Continue reading Akku – Secure your Enterprise Communication
As per a survey by Forrester Research (Forrester Consulting Thought Leadership Paper, February 2017), in the last 4 years, out of every three organizations, two have had an average of at least 5 breaches. There are nearly 6 billion data records that were stolen and lost in the past 10 years. According to www.breachlevelindex.com, an average of 165,000 records are compromised every hour. According to this article published on www.csoonline.com, global cybercrime related damage is expected to exceed US$ 6 trillion annually by the year 2021.
Continue reading Is Your Data Secure? No…
The internet represents a revolutionary step forward in the way data is stored and accessed, and in the way business is done. Most enterprises make use of user-friendly websites or web applications which allow their users to interact and transact.
But allowing users to seamlessly interact with your server and database presents some problems too. Primary among them is that it is difficult to differentiate between genuine users and hackers.
Continue reading Safer Interactions with the Internet through a Web Application Firewall