Identity Governance and Compliance

identity management featured

Identity, authorization, and authentication are some of the hottest topics in cybersecurity right now, with 80% of attacks involving some form of compromised identity. The proliferation of cloud-based and managed infrastructure and primarily data-driven organizations has made identity and security a top priority for organizations and regulatory bodies. 

Here, we’ll talk about identity governance–what it is, why it’s essential, and how it fits into major regulations and security frameworks. 

 

Read More

Timeline for PCI DSS 4.0: The Eighth Requirement and Strong Authentication

pci dss 4.0 featured

Moving through the requirements of PCI DSS 4.0, we’re well over halfway through. During this journey, we’ve touched on cryptography, security and perimeter management, network security, authorization, and other critical security considerations. Now, we come up against the authentication and identity management problem with the eighth requirement. 

Authentication isn’t simply about passwords and CAPTCHAs, however. Regarding payment processing and protecting cardholder data, retailers and processors are expected to implement strong and effective authentication at the point of purchase and in any system that holds PAN information. 

 

Read More