Access Management


Five Ways Identity and Access Management (IAM) Cuts the Cost of Unemployment Insurance Fraud

Recent web searches show the massive volume of unemployment insurance fraud occurring across the United States. The increase in unemployment claims due to job losses stemming from the COVID-19 pandemic, coupled with aging IT systems, have led to an increase in identity theft, fraud, and loss of federal tax dollars. The State of Rhode Island estimates 43% of its unemployment claims in the past year may be fraudulent. California lost over $11 billion dollars to fraud in the past year.


AWS IAM Privilege Escalation - Threat Research Release March 2021

The Splunk Threat Research Team recently developed an analytic story to help security operations center (SOC) analysts detect adversaries attempting to escalate their privileges and gain elevated access to Amazon Web Services (AWS) resources. In this blog, we’ll walk you through an AWS privilege escalation analytic story, demonstrate how we simulated these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and highlight a few detections from the March 2021 releases.


IAM Policy Basics and Best Practices

One of the most powerful aspects of AWS is their Identity and Access Management (IAM) service. The obvious aspect of its power is that it controls who can do what with all the resources inside your AWS account. But the non-obvious side is how configurable it is. You can encode permissions that are so finely grained that a Lambda Function could, for example, be given just enough permissions to be able to read one attribute from one record for the current user of a DynamoDB Table.


Identity and Access Management vs Password Managers: What's the Difference?

Identity and access management best practices dictate that an organization provide one digital identity per individual. That identity can be maintained, monitored, and modified as needed while the user works on different projects and in different roles. However, strong IAM requires the use of tools and platforms, in addition to the principle of least privilege, to keep valuable information secure. [Read: 5 Identity and Access Management Best Practices]


Five Key Identity Governance Features That Your Identity and Access Management Solution Does NOT Support

Since the start of the COVID-19 pandemic, identity management has taken center stage as the key enterprise security practice for enabling remote workforces while protecting company data and IT services.


IAM 101 Series: What Is Hybrid IAM?

Cloud identity and access management (IAM) is a fast-growing trend that is predicted to extend well into the future. For example, Verified Market Research alone projects that, by 2027, the market for cloud IAM will be more than $14 billion. Yet, while the cloud-based IAM market is exploding, the reality is not all roses. In our last IAM 101 post, What are Hybrid IT and Hybrid Cloud?, we discussed the differences, benefits, and disadvantages of hybrid IT and hybrid cloud.


IAM 101 Series: What are Hybrid IT and Hybrid Cloud?

Organizations are rapidly adopting hybrid IT and hybrid cloud architectures. In fact, Gartner predicts that spending on public cloud services in 2021 will total more than $304 billion. And, as it pertains to identity and access management (IAM), Verified Market Research projects that, by 2027, the market for cloud-based IAM will be more than $14 billion.


How to prevent supply chain attacks by securing PAM

The SolarWinds supply chain attack against the US Government was the largest and most sophisticated breach in history. A post mortem operation is still underway and with every stage of its progression, cybersecurity experts become increasingly flabbergasted at the INNOVATIVE complexity of the techniques used. But despite nation-state's efforts to conceal their tactics, they left some highly-valuable clues about their methods that could be leveraged to sharpen supply chain attack defenses.


5 Identity and Access Management Best Practices

Stolen credentials are among the biggest threats to data security across industries, accounting for around 90% of data breaches. The identity and access management market — consisting of expertise, identity access management tools, and software, and training — is predicted to grow from about $10 billion in 2019 to over $22 billion by 2024. Here’s what you need to know about this increasingly important aspect of data security.


What is Access Control? Key data security component

Access control is unarguably one of the essential aspects of information security. It is the means or method by which your business or any entity or organisation of interest can deny access to an object to subjects or entities not permitted specific access rights. Access control provides an organisational means to limit and control access permission to and by end-users and other interested entities to grant only approved and adequate access.