Blog

Read more about the latest developments on Identity Governance & Administration

Part 3: Mitigating the risk of internal breach

In parts 1 and 2 of this blog series, we outlined how access governance, single sign-on and automated provisioning ensure that users have accurate permissions and access within an organizations hybrid IT environment, both on premise and in the cloud. Today, I want to focus on cleaning up file shares to ensure the aforementioned solutions have a clean slate from which to operate. If you think about it akin to cleaning a room, you would pick clothes off the floor before vacuuming it, right? Similarly, you should clean up your file system before allocating resources in to securing it.

Read more

Part 2: Mitigating the risk of internal breach

In part one of this blog series, we showed how access governance, in conjunction with automated provisioning and de-provisioning of user accounts are essential in preventing internal data breach on an organization’s network. Today we are going to discuss how to take it a step further, and protect against these internal threats in a hybrid IT environment. There are many solutions on the market focused solely on cloud data protection or network data protection. We have found the reality of most IT environments to be a combination of both. To best offer guidance in protecting against internal threats, let’s look to a hybrid solution for a hybrid problem; namely, HelloID.

Read more

Category

Single Sign On

Self-Service , Workflow Management , IDaaS , Two-factor Authentication

Part 1: Mitigating the risk of internal breach

Companies spend considerable resources protecting against the threat of data breach – and rightly so. A data breach can result in large fines and, more importantly, a damaged reputation. While companies focus most of their efforts on mitigating the risk of external threats such as hackers or viruses, they often overlook internal breaches, which are more common. Internal breaches can sprout from a wide array of motivations. Former employees may be unhappy about being let go; current employees may feel overlooked for an opportunity or simply want to impress a new employer by copying intellectual property or contact lists. The added danger to these threats is that they easily go undetected, as no one is looking for them and ex-employees are likely to know their way around the network. A recent internal breach in 2017 saw the City of Calgary’s payout fines of 92.9 million Canadian dollars. The source of this scandal was allegedly an email sent by a city staffer to an employee of another Alberta municipality, sharing the personal and confidential information of 3,716 municipal employees. Leaving your network unprotected can leave you vulnerable to these threats.

Read more