The dotnext Blog

Category: ,
Identity projects and products are very mature and therefore it is very easy to be lulled into the assumption that a product will meet all the requirements for an organisation. Only during installation and configuration it is realised that a product or solution will not solve all the issues. At this stage it is complicated and expensive to correct the issues.
Category: ,
Whilst the exact cause of the hacks has not been released officially, there are a number of clues from press releases that hint at the causes. Unfortunately, it is the same old, same old. Hackers took advantage of long known about weaknesses and ones that can be easily addressed. They were poor leavers process, too high a privilege for internal users and finally poor shared security model.
Category:
Business password management, or workforce password management as it’s also known, is simply a way of allowing our business users to store credentials in a secure manner. A quick search of the internet reveals the average business around has over 70 passwords that they need to remember within the workplace.
Category:
I personally believe our approach to PAM is wrong, I think we’re now misusing technology which was designed for a different purpose and in a different time to which we work in now. If this blog resonates with you too, maybe it’s time for something to change in how we think about PAM and tackle the many challenges that exist.
Category:
It is surprising to many people that these terms mean the same thing especially when you consider the day to day meaning of the two terms. An orphan conjures up an image of a poor child and invokes an emotional outpouring of love and sympathy. Zombies on the other hand, these un-dead creatures invoking emotions of fear and terror.
Category:
Failure can be a strong word and one that can often send people to see to a psychiatrist in a flood of tears. In a professional context, we like to refer to it as a “something we learn from”. If that is the case why do most IAM Projects fail to meet their original goals, despite vendors, consultants, implementation providers and organisations all having lots of “learning experiences” over the decades that IAM has been around.
Category:
For me personally, I think the market in PAM has gone a little stagnant and needs resetting. The best way to do this is retiring the reports that define the market and then look at it again with a fresh pair of eyes. It sounds so simple, but I assure you it’s not.
Category:
Something feels broken with Privileged Access Management, I don’t mean a product we need to fix or create but I think our fundamental approach to PAM is wrong. It certainly feels to me that we’re now trying to fit a square peg in a round hole and I’d like us to openly discuss this more so that we can create safer environments.
Category:
Privileged Access Management (PAM) simply means controlling who or what is allowed to access infrastructure, applications and workloads (in fact, anything), for how long and what level of access they or it has in order to reduce risk. There are 50 others ways of saying the same thing, but that’s really what it boils down to.