by Rebeca | Oct 8, 2014 | open source
Open-source components are available for core identity and access management functions. IAM leaders can avoid proprietary software purchase costs; however, software maintenance and support contracts will likely be needed.
In the last research of Gartner the theme was Open-source options for Identity and Access Management. Our solution is present and their analysts Gregg Kreizman and Felix Gaehtgens value us as:
· Functionality — Medium to High.
Soffid has one the most comprehensive list of IAM features of products reviewed.
It is also the only product that includes ESSO and PAM functionality.
· OSS Maturity — Low.
Soffid IAM has a «freemium» model that is licensed under GPL v3 and is being used by a small community. There is a free community license and an officially supported version. It is under active development by the company Soffid.
Research: «Open-source options for Identity and Access Management»
by Rebeca | Oct 8, 2014 | News
As business leaders become more ‘cyber aware’ concerns over data security shift from awareness to action. Organisations around the globe are increasing security spending, but have they prioritised budgets correctly or are they just throwing money at the problem?
There are many opportunities and benefits provided by doing business in a hyper-connected word but they come with risks. I read a report by the World Economic Forum recently that draws some interesting conclusions about information security practices and risk budgets.
Increasing threats
High profile security breaches, data loss and hackings hit headlines on a regular basis. We are doing business in world where a large organisation can be targeted by 10,000 attacks a day and the resulting costs are growing. Cyber Risk is a global priority and both large and small organisations are encouraged to act now.
Complete article by Information Security Buzz.
by Rebeca | Apr 10, 2014 | News, Resources
In an era of Edward Snowden and other high-profile data exfiltration incidents, such as last year’s Saudi Aramco breach, perhaps it’s unsurprising that only 9% of businesses in a recent survey from Ovum said that they feel safe from insider threats.
Insider threats are no longer only made up of traditional insiders with legitimate access rights who abuse their positions to steal data for personal gain. Privileged users who maintain systems and networks are now an additional concern, as their roles typically require access to all data accessible from systems to perform their work.
In the study from industry analyst Ovum, nearly half of UK-based respondents (42%) acknowledged it is these privileged users (system administrators, database administrators, network administrators, and so on) who pose the biggest risk to their organizations.
Complete Article by InfoSecurity
by Rebeca | Apr 7, 2014 | News, Resources
These days, there’s no shortage of new business technologies and new threat vectors to the enterprise. But what many companies forget is that old technologies pose risks as well, and those risks aren’t going away. In fact, as your legacy systems continue to get more out-of-date while the world around them continues to evolve, the risks may be increasing.These days, there’s no shortage of new business technologies and new threat vectors to the enterprise. But what many companies forget is that old technologies pose risks as well, and those risks aren’t going away. In fact, as your legacy systems continue to get more out-of-date while the world around them continues to evolve, the risks may be increasing.
A few of the things that make legacy systems risky include unpatched software, hard-coded passwords, and a failure to draw any budget money for repairs.
Patch me, please!
There are many reasons that a company might not apply all the patches and other recommended fixes for a legacy system. Some software is too business-critical to mess with, and if a patch has the potential to break things, it might get postponed until it’s tested first…and that testing never happens.
Complete Article by CSO
by Rebeca | Mar 7, 2014 | News, Resources
I am not sure what Nostradamus had predicted about IT Security and IAM but from Facebook to Adobe, 2013 was a tough year for companies looking to defend against cyber-crimes. There were hundreds of known data breaches in different organizations where billions of records related to personal and financial data were stolen or spilled due to security failures.
2014 would be even tougher as cyber security threats are increasing as quickly as organizations can implement measures against them. At the same time, they have to embrace virtualization and cloud, user mobility and heterogeneous platforms and devices. Protection of exploding volumes of sensitive data at cloud and smart devices would be a serious challenge for organizations of all type.
Complete article by Umer Aziz
