In one of my previous roles as a test analyst, I was primarily responsible for constructing test cases for password management. At the time, I had devised a whole array of possible test cases for password management which included specifications on the length of the password, complexity of the password, frequency for changing password and so on. However a thought struck me. This tedious manual procedure of password management by the administrator or super-user was done to ensure security but where is the security after all? How many permutations and combinations can a human come up with to ensure these passwords are managed and maintained to comply with regulatory standards? But today working in this cyber security space, I can confidently say that you just have to go knocking on the right door to eliminate this monotonous process and get automated password management solutions that is regulatory compliant and at the same time safe, effective and productive.
Just as I went to collect my iPad this morning from the study room, something that was an integral part of my childhood grabbed my attention. This precious treasure was lying in one corner dusted and covered by a cloth which had torn. The treasure that I speak about was my best friend and is nothing else but the desktop computer that I used in the 90’s and early 2000’s. There was a time when for any important work or internet use, only one device could be used – the computer. Today if I want information on the internet, the last thing I use will probably be that desktop computer. And this is the same for most of us today.
Summary: In 2014, the world learned the hard way about data breaches due to insider threats. Learn why insider threats have become an increasing security risk and how to protect one’s self from it.
In a world where data breaches are quickly becoming commonplace, even the best security technology in the world can’t help your organization to protect itself from security breaches unless your employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources.
is data like water?
Data like water is an interesting analogy, It was only during one of my vacations that along a beach, i realized how the two are really similar and especially in the world of technology how data flow is akin to water flow. This paper tries to establish similarities, one’s ability to capture and track source. Further how identities are critical and how data can be tagged to various users. Also it is critical to examine the storage and linkages to the identities under which data is stored.
how important is data
Summary: The evolution of cloud computing over the past few years is potentially one of the major advances in the history of computing. Learn more about the various risks associated with cloud computing and how to choose the best cloud computing solution for your organization.
The Business Perspective
The evolution of cloud computing over the past few years is potentially one of the major advances in the history of computing. However, if cloud computing is to achieve its potential, there needs to be a clear understanding of the various issues involved, both from the perspectives of the providers and the consumers of the technology. While a lot of research is currently taking place in the technology itself, there is an equally urgent need for understanding the business-related issues surrounding cloud computing.
Cloud Computing and Risk
Summary : Security breaches in healthcare are a major issue, but not enough attention is being paid to threats from the inside. A vast majority—92%—of healthcare IT decision-makers reported that their organizations are either somewhat or more vulnerable to insider threats, and 49% felt very or extremely vulnerable.
Healthcare Debacle : – The insider security threat in Healthcare industry
Summary : Millions have been invested in securing the periphery, however little or no investment is made in securing the access to the core of any system i.e. Privileged Identities
A BIG hole in Identity Management
The last decade has seen several debates on Identity Management and the best possible ways to address the growing disconnect in the much interconnected world. While there has been substantial efforts in managing the identities of an organization either with manual processes or recently by implementing IDM technologies, there has been a glaring hole in the approach as most of the identity management solutions are not able to address the challenges posed by privileged accounts.
Summary: How the Carbanak hacker’s group stole a billion dollars without getting caught and what we
learn from it.
The financial world and the security industry have been rocked by the recent report from Kaspersky about the cyber-criminals that have stolen more than $1 Billion from global banks through cyber-attacks. The initial reports link the attacks to a multinational criminal group, and highlight the use of sophisticated malware, dubbed Carbanak.