Latest Blogs

The IDaaS market has evolved over the past few years and is still growing, both in size and in the number of vendors. However, under the umbrella term of IDaaS, we find a variety of offerings. IDaaS, in general, provides Identity & Access Management capabilities as a service, ranging from Single Sign-On to full Identity Provisioning for both on-premise and cloud solutions. These solutions also vary in their support for different groups of users – such as employees, business partners, and customers – their support for mobile users, and their integration capabilities back to on-premise environments. ...

Social sign-ons are not meant to and should not be used to protect sensitive assets. Of greater concern is that data sharing is a two-way street. When a company uses single sign-on, it gets information such as email addresses and geographical locations from the social network; however, it also may be giving information about its users’ behaviors back to the social network. Businesses should understand which user information they are sharing when they agree to the terms of the social network.

A useful and growing field in the area of identity authentication is biometrics. The three major accepted factors for identification are knowing something, having something and being something. A person can identify themselves through demonstrating a secret piece of knowledge such as a password or PIN, producing an access card, fob or key or presenting something that is a part of them, like their fingerprint. The last category is what we mean when we talk about biometrics. ...

One of the most exciting advances in identity protection today is context-based authentication and authorization. You may also hear it called “adaptive” authentication and authorization. Context-based access uses analytic data that an identity platform compiles as part of the authorization and authentication process to improve authentication methods. These analytic-enhanced authentication methods should be even more effective at enhancing consumer safety and reducing online fraud. ...

Essentially, a virtual directory server is a way to visualize the data between applications that are fundamentally incompatible, as well as directory servers and data stores that are incompatible. A virtual directory server is a type of software application known as a middleware application, and it abstracts back-end data from client software applications, which makes it possible to change the presentation of the data dynamically. You can simply integrate new applications into your current identity infrastructure without needing to alter directory data – your data stays in its original format and place.  ...

...

According to Gartner, “Niche Players provide access management technology that is a good match for specific use cases. They may focus on specific industries or have a geographically limited footprint; however, they can actually outperform many competitors.” ...

...

A Zero Trust model begins with strong identity and access management (IAM) solutions. The challenge is how to balance between absolute assurance (thereby  promoting maximum security) and end-user productivity and usability. The user identity can be challenged in many ways – for example, by requiring a hardware token or asking the person to answer a series of security questions – but overtly challenging the user can cause frustration and lead to lost productivity. ...