Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
Because managing identities is a global problem, it requires a global solution, says Paul Simmonds of the Jericho Forum. A new organization has been established to address global identity. Simmonds offers insight.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.