Event Viewer Log Review

It is important to frequently check the XP / Vista and Server Event Viewer to review log files for possible security concerns. It is optimal to log a minimum of seven days of activity in the application, system, and security logs. In order to maintain the information for seven days, users need to increase the…

Legacy – PC Various Hardware speeds

Service                                               Value   Units
ECP/EPP PC to PC Connection (Parallel Port)           2       Mbps
ATA Hard Drive PIO Mode 0                             3.33    Mbps
ATA Hard Drive PIO Mode 1                             5.22    Mbps
Asymmetric Digital Subscriber Line (ADSL) Downstream  6       Mbps
ATA Hard Drive PIO Mode 2                             8.33    Mbps
ATA Hard Drive PIO Mode 3                             11.11   Mbps
Universal Serial…

What is Single Sign-On

With Single Sign-On, a user needs only one user ID and password; this eliminates the security headaches and vulnerabilities associated with multiple IDs / passwords. This solution simplifies and frees security administrators from the mundane task of assigning passwords, enabling them to perform much more important tasks that directly impact the success of your. Single…

IAM Useful Glossary

Access Control An access control limits the use of a resource. Only those people, programs or devices that are specifically permitted to use the resource will have access. In addition, an access control will usually limit use to specific types of access; someone can read a file but not change it, for example. Access Management…

Sample SSO Deployment

Process / Functional Requirements Functionality: Users should log in only once to their PC, then be able to access all applications without logging in again. If integration of the Single Sign-On solution is not possible with the NT domain/AD, users should be able to log into one application and be automatically authenticated for others. Log Out: User…

Sample Visio – IAM Deployment Process

The first step in implementing an identity management solution is identifying business objectives, policies and strategies, both current and future. Next, a complete evaluation of the identity repositories, current identity management implementations (i.e., synchronizing messaging and desktop IDs), political boundaries and current vendor capital investments and loyalty. This is needed to determine the type, value…

Knowledge Management Key Points

Regulators have updated Contingency Planning guidance since 9-11. Financial institutions should ensure that Disaster Recovery and contingency include any new requirements. Financial institutions should compare federal and state regulatory requirements to ensure more stringent requirements are adequately addressed. Review existing plans to ensure natural area, building complex and terrorist events are considered. Make sure plans…

Identity (IdM) Warehouse described

Support for hierarchical organizational units - organizational structure, reporting structure or functional units
Application Metadata Definition
Simplified user and entitlements import process
– Import from csv, xml, txt and other format files
– Import directly from some LDAP & ODBC sources
– Import from Identity Management Systems
– Import using RBAC ETL processing
• Flexible User Entitlements Correlation Engine
• Import…

Role Based Access Market Needs

• Determine
– ‘Who has access to what’
– ‘If people have the right access for their job’
• Demonstrate compliance to auditors
– RBAC Model
– Recertification of Entitlements
• Efficient User Access Process
– Assign access based on ‘business roles’
– Simplified process for creating and managing roles
• Clean up orphaned accounts, legacy system accounts and access outside…

Identity Compliance Described

Supports enterprise level monitoring of access for segregation of duty (SoD) and security policy conflicts Ability to define rules across any platform / database / application or user’s attributes Support for inter and intra application security policy enforcement Monitoring of SoD, role vs actual exceptions, and terminated users with active accounts exceptions Comprehensive list of…

Digital Rights Management Key Subjects

Management of the DRM Function Data Resource Management Sample Charter / Mission Statement Goals, Objectives and Critical Success Factors Benefits of Data Resource Management Enterprise-wide Data Management Process Maturity Data Resource Management Job Descriptions Data Resource Activities The Framework for Enterprise Architecture Information Stewardship Accountability for Information Quality Repository Management Building the Meta Data Repository…