Read more about the latest developments on Identity Governance & Administration

Part 2: Mitigating the risk of internal breach

In part one of this blog series, we showed how access governance, in conjunction with automated provisioning and de-provisioning of user accounts are essential in preventing internal data breach on an organization’s network. Today we are going to discuss how to take it a step further, and protect against these internal threats in a hybrid IT environment. There are many solutions on the market focused solely on cloud data protection or network data protection. We have found the reality of most IT environments to be a combination of both. To best offer guidance in protecting against internal threats, let’s look to a hybrid solution for a hybrid problem; namely, HelloID.

Read more

Part 1: Mitigating the risk of internal breach

Companies spend considerable resources protecting against the threat of data breach – and rightly so. A data breach can result in large fines and, more importantly, a damaged reputation. While companies focus most of their efforts on mitigating the risk of external threats such as hackers or viruses, they often overlook internal breaches, which are more common. Internal breaches can sprout from a wide array of motivations. Former employees may be unhappy about being let go; current employees may feel overlooked for an opportunity or simply want to impress a new employer by copying intellectual property or contact lists. The added danger to these threats is that they easily go undetected, as no one is looking for them and ex-employees are likely to know their way around the network. A recent internal breach in 2017 saw the City of Calgary’s payout fines of 92.9 million Canadian dollars. The source of this scandal was allegedly an email sent by a city staffer to an employee of another Alberta municipality, sharing the personal and confidential information of 3,716 municipal employees. Leaving your network unprotected can leave you vulnerable to these threats.

Read more

Why Educational Organizations Need Automated Reporting

In all colleges and schools, data is kept on file servers throughout the network. Access to this data can often be messy and unstructured after years of granting and revoking access to different users. This unstructured data brings with it a level of risk in terms of adhering to compliance such as FERPA and NCES 97-859.

Read more



ERAM , automation , reporting , audit , access