Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Active Directory (AD) is the most prolific identity platform in the world. Like many companies already using AD on-premises, you may now be considering extending your identity environment to the cloud to create a hybrid landscape. There are many reasons behind this: resource constraints, strategy evolution, merger, acquisition or otherwise.

We all know identity management and security are critical to hardening cybersecurity ecosystems. We also know that we can make it happen using the many features and functions across Active Directory (AD), Entra ID and Microsoft 365. The challenge is making sure these are deployed in a way that allows them to work seamlessly together, staying aligned even in environments where there’s fluidity and decentralization.

Passwords are bad, and our whole industry is trying to move away from these simple strings granting access to our systems. But change is slow, and adopting newer standards is difficult, even if passwords are deeply problematic. Now, the National Institute of Standards and Technology (NIST) is updating the core standard for authentication – and it adopts the “new school” of password policies.

Employees come and go, and so do their identities within their organizations. On the surface, it seems a linear lifecycle, starting with onboarding and ending with offboarding, with a whole lot of access to resources in between. But it’s the “in between” where things are more complex – whether related to migration from one business unit to the next or integrating an acquisition.

You may already be using Active Roles to manage privileged access, identity and Active Directory (AD) from a single pane of glass. But now, you can get more. Active Roles release 8.2 is poised to offer multiple new features that support customers who are migrating to the cloud and applying web-based resources during the continuing market evolution. It also introduces enhancements to management within Entra ID.

If you run an online image search for “cyber hacker,” you’ll likely find countless pictures of shadowy, hooded figures hunched over a laptop. There’s just one problem with those search But here’s the catch: The image of a human hacker is in the minority these days.

When we think about privilege access management (PAM), we typically think about it first as preventive control. PAM solutions manage who has privileged access to systems, enforce least-privilege principles and monitor and record privileged user activity. This is crucial for preventing misuse of high-level permissions and ensuring accountability.

Context is important. And there is no exception when traversing the realm of cybersecurity, especially when dealing with Roles within SAP ABAP systems. In Identity Manager, Context-based requests come up frequently enough to require well-organized, air-tight configuration. But what exactly are you configuring? And is it going to be hard to follow this road? What is Context in SAP roles? Organizations, especially large organizations utilizing SAP, will have lots of SAP roles to sort through.

Over the past few years, the identity security industry has been buzzing with terms like “convergence.” These days, it feels like everyone offers a “unified” cybersecurity platform. It’s as if we all woke up one day in 2021 and realized that solving our identity security problems with a siloed array of “best-in-breed” point solutions could leave gaps in coverage or create confusion with overlapping functionalities.

A couple of weeks ago, we started talking about cybersecurity spending and how we, as security professionals, need to rethink prioritizing those budgets to match the cyber threat landscape. One key takeaway: identity and access management (IAM) is chronically underfunded compared to other, more glamorous security initiatives.