Archive for the ‘Identity’ Category

Smart card presentation at the AFITC (2011-8-30)

Yesterday I had the opportunity to present at the Air Force Information Technology Conference 2011 on HSPD-12 and its impact on logical access control. While preparing for this session I realized I needed to revisit Microsoft’s PKI (Public Key Infrastructure), especially changes in Windows 2008, Vista and Windows 7 strong authentication support. The first thing [...]

SailPoint partners with Symantec (2011-5-25)

Interesting partnership. This will certainly help Symantec gain traction in this space. http://insurancenewsnet.com/article.aspx?id=262663&type=newswires

Setup FREE Synchronization from AD to AD/ADLDS in 15 minutes or less! (2010-12-10)

What is ActiveRoles Quick Connect Express? With the latest release of ActiveRoles Quick Connect we bundled the Synchronization engine, the AD connector and the ADLDS (formerly ADAM) connector together. The big news here is that we labeled this core piece “Quick Connect Express” and you can download and use it to sync objects between those [...]

Moving from Group to Access Management (2010-3-29)

Managing access to applications and data resources can be a time-consuming and error-prone process. IT administrators are often asked to grant access to sensitive data without knowing the business justification why a user should have it. The result may be inappropriate authorization, access delays, or groups that are bloated, outdated and inaccurate. This lack of [...]

Approvals using the Outlook Client Technology (2009-9-17)

One of the conversations I had during my week in Berlin was with Dimitry Kaganski, a Sr. Architect here at Quest. He had been asked by a customer why we were not using Microsoft Outlook Client built-in work-flow to allow Outlook users to click a button to approve or reject work-flow requests in ActiveRoles Server. [...]

Privilege Account Management: a logical evolution of Provisioning (2009-8-17)

Martin Kuppinger of the analyst firm KUPPINGERCOLE wrote an interesting article on how the Siemens DirX Identity provisioning product added Privilege Account Management as a core component. See “Is PAM (or PIM or PUM) moving into Provisioning?” To me this makes sense from both an infrastructure and resource perspective. It is pretty clear to most [...]

Myths of Role Mining (2009-8-10)

Have you heard of Role mining? Some of my southern relatives worked in coal mines and I’ll tell you Role mining doesn’t seem to be much less work. Role mining is the process by which user accounts in your organization are mapped to application accounts, permissions, entitlements or resources. Myth: Role mining tells me what [...]

Will my audit fail without Attestation? (Part 3 of 3) (2009-7-27)

Most legal or regulatory requirements simply state that both Access Controls and Attestation are required for an audit, but they don’t specify if those controls are to be paper-based or part of an electronic workflow. Many organizations spend thousands of hours building a paper-based set of controls and attestation process only to be [...]

What makes Attestation Difficult? (2 of 3) (2009-7-20)

First, there is no built-in mechanism to enforce an attestation policy or help perform the access reviews. Microsoft Windows Server and Microsoft Active Directory use groups as the basic mechanism to control access to resources, and most non-Microsoft operating systems and directories use them as well. Because groups are universally accepted as the method by [...]

Quick Connect for Online Services goes gold! (2009-6-23)

Shortly after receiving the notification about Quick Connect for Lotus Notes, I received a note that Quick Connect for Online Services went gold also. The vision for Quick Connect for Online Services is that it will provision cloud-based applications like Google Premier, which provides Internet-based applications and collaboration. Like ActiveRoles Quick Connect [...]