Using IAM to protect you from Advanced Persistent Threats and Auditors

15.05.2013 15:00-16:00 Moderator:

Using IAM to protect you from Advanced Persistent Threats and Auditors

Identity & Access Management has become a lot more than just single sign-on. There are real threats which effective IAM can solve. For example access certification can bring you in line with regulations while removing attack vectors. Controlling privileged account access can reduce insider threats and take the sting out of APTs that rely on sloppy admin access. And simply giving the business visibility into who has access to what at the right time can empower the business to control the security of its own data and systems.

Plugging "Cloud Identity Leaks" - Should your Business become an Identity Provider?

Third party identity providers such as Facebook and Twitter make it easy to perform "Social Login", enabling users to log into third-party services using a Facebook ID or a Twitter ID. This is convenient for consumers, but it is a potential problem for businesses whose employees may now log into business services using third-party IDs, rather than using a corporate ID. This results in an "identity leak for the organization, where Cloud services begin to manage your employees identity. A possible solution to this problem could be that your company itself becomes an Identity Provider, allowing employees to use their enterprise login as a springboard to log into third-party business services. In this way, the business keeps control of identity, and allows for a more holistic identity management solution for Cloud services.