Identity & Access Management (IAM)
Featured One-Minute Insights
Sept 2024
How are U.S. CISOs Addressing Liability Risk?
New regulations taking effect in the U.S. mean that cybersecurity leaders could face legal liability in the event of an incident. What strategies are they using to protect themselves?
Community Posts
If these companies were affected then the foundation of computing could be at risk. If you could manipulate at the hardware layer via the firmware, BIOS, etc., then a threat actor could weaponize well below the operating system, which brings into question the integrity of the entire computing stack and everything above it. The firmware and BIOS are like the rebar and concrete for a building. If that foundation is weak then the entire structure and anything dependent on it is at risk. We cannot underestimate the potential or the severity of these companies being potentially affected by the SolarWinds hack and what that means for the foundational computing hardware they provide to the world. What do others think? How could this impact your organization?
Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack - The Verge
dentist: so, are you flossing? me: are you using a unique password for every account? Jokes apart, how big of a problem is password management and support in your environment?
Question about SSO and WordPress: Does anybody have experience with miniOrange? They seem to have a bunch of interesting solutions. The first workflow I'm looking at is to use the user DB from one WP site on a second one with a simple plugin, but they also have more advanced options like managing the full LDAP or syncing 3rd party apps. This could be interesting to link a download center with an LMS system as well as the internal Office365 users and clients using a Jira or Confluence system. Other options would be Okta and OneLogin, it seems. https://plugins.miniorange.com/single-sign-on-sso-between-two-wordpress-sites
What password-alternative technology will eventually dominate?
Big Data: 16%
Remote Work: 19%
Microservices / Containerization: 13%
CI / CD: 7%
Zero-Trust: 15%
Automation: 2%
Digital Transformation: 17%
Cloud / Cloud Native: 2%
DevOps or DevSecOps: 3%
Other (comment): 1%
If you were paying for an Identity Theft protection service, would you upgrade to add phishing monitoring capabilities that would immediately notify you if your credentials were stolen or being exposed in a phishing attack?
Yes: 90%
No: 9%
Perimeter 81: 8%
ExpressVPN: 40%
NordVPN Teams: 21%
Twingate: 9%
Windscribe: 5%
CyberGhost: 4%
IPVanish
Other (comment below!): 11%