November 2007 Archives

If you haven't already listened to Mike Rothman's ebizQ podcast front and center on ebizQ this Friday morning, I implore you to check it out, where he talks database security with Rich Mogull of Securosis. It's an enlightening discussion, and... Read More..

In yesterday's blog, many of the folks I met with at the Gartner IAM show in LA answered what they thought was the biggest challenge for Identity and Access Management in 2008. The next question I asked was what they... Read More..

It was two weeks ago today that I set sail for Gartner's Identity and Access Management summit in L.A. For the two days I was there, I was able to meet with many exciting and excited people, all who kept... Read More..

An interesting discussion has broken out on Christopher Hoff's Rational Survivability blog about how hard it is to effectively determine the true ROI of all the various tools needed to maintain an organization's security. This inquiry kicked off with Hoff... Read More..

Today's security news is rife with seemingly continuous bad news about one massive data breach after another occurring because of a lost or stolen mobile device. And as mobile devices continue to get smaller and smaller, they only become bigger... Read More..

Listen to or download the 9:15 minute podcast below: Download file What follows is my podcast with Barak Engel, the Tripwire PCI expert. Barak has over fifteen years of experience in IT and information security and is a member of... Read More..

An interesting discussion has popped up on Jackson Shaw's blog about superuser accounts, which are essentially the admin accounts that much have universal access. And while a companies access and identity management might be top notch, and the entire system... Read More..

What follows is my live podcast with Michael T. Donaldson, VP of Marketing of Ping Identity, from Gartner's Identity and Access Management Summit, where Michael and I discuss the objectives of Federated Identity, how it relates to OpenID, and what's... Read More..

This is my second (successful) podcast from Gartner's Identity and Access Managment Summit where it seems everywhere I turned news was breaking and breaking fast. In this podcast Brandon Whichard, Product Line Manager Identity Management, explains Sun's announcement last Tuesday... Read More..

Had an exciting meet-and-greet with Jackson Shaw, the Sr. Product Manager from Quest, and I have to say, there is a big difference sitting in my home office writing about this stuff than going out to the shows and meeting... Read More..

Got a chance to sit down with Omar Hussain of Imprivata, whose company is taking the next logical step in identity and access management and is tying together both the logical and physical worlds of access and identity. In this... Read More..

I have to make it quick, as the information is coming fast and furious...I have absorbed so much information at this point, it feels like my brain is about to deny me access. My first sit-down was with Howard Ting... Read More..

Tomorrow bright and early I am off to L.A. for the Gartner Identity and Access Management summit. I'm really looking forward to relaying the latest and greatest technology that keeps identity and the data behind each identity safe and secure... Read More..

A big question coming to the fore of access management is exactly how much control should a user have over their identity, but within the company network on sharing data and such online? With User-Centric Identity Management, the answer is,... Read More..

The Digital Identity Forum has an interesting blog on companies pricing out Identity Management. Seems to me, with all the electronic ink spilled over various breeches and data thefts lately, I simply cannot imagine a company not taking Identity and... Read More..

Found an interesting article at Dark Reading covering the next generation of firewall which essentially is a smart firewall. The company with the firewall, Mercy Medical Center, has to control access to 6,000 different users with a number of different... Read More..

Listen to or download the 7:02 minute podcast below: Download file What follows is a transcript of my podcast with Eric McNeil, Manager of IBM's Corporate Security Strategy, where we discuss IBM's announcement of having achieved an end-to-end security solution... Read More..

As more and more companies scramble to comply with PCI, I think a good question to ask right now is, exactly how compliant was TJX before their massive data breach? Or, to put it another way, What's the point of... Read More..

Yesterday, IBM issued a press release announcing they have transformed security. If you haven't read the press release, you can do so right here. Quite simply, IBM announced that they have achieved the Holy Grail of computer security, which is... Read More..