Published:
May 14 2013, 04:01 PM
|
no comments
by
Henk van der Heijden
Social media is fast becoming the identity mechanism of choice to log into popular sites and company information. Looking to find the right music on Spotify? Want to connect with the world’s professionals on LinkedIn? You can now simply log in via your Facebook account. The UK Government may even soon allow citizens to use their social media identity to access public services safely and securely as part of the Identity Assurance (IDA) program. It’s called ‘Bring Your Own Identity’—and it is set to go mainstream. Don’t just take my word for it. A recent study commissioned by CA Technologies and produced by the research firm Quocirca, for example, found that more than a quarter of commercial organizations use social media as a source of identity...
Read more...
By: Henk van der Heijden
Henk is responsible for Security Sales in Europe. He is an information security professional with over 24 years’ experience in IT sales and services.
Henk has an illustrious history of producing results through new sales and business development both in the Netherlands and across Europe. In his previous...
Read More..
Published:
May 14 2013, 02:07 PM
|
no comments
by
Chris Wraight
On May 7, Andras Cser of Forrester Research, Inc. posted a thought-provoking blog entry entitled “ XACML is Dead ” which postulated that there wasn’t any future for XACML. At CA Technologies we have long supported a broad range of industry standards such as LDAP, X.509, WS-Federation, SAML, WS-Security, REST, SPML as well as more recent standards like OpenID, OpenID Connect and OAuth, thereby successfully shielding our customers from having to develop support for complex security protocols such as these. This has the benefit of helping our customers to quickly incorporate them into their application infrastructure as needed and at a lower overall cost. From our perspective, XACML 3.0 was recently ratified and we endorse the additional activity...
Read more...
By: Chris Wraight
Chris Wraight has spent 25+ years in the technology world in various positions of product management, marketing and sales. He is currently working on CA Inc.'s Access Control security product in its Security Management business. Chris has a B.S. in Management with Computer Applications from WPI.
Read More..
Published:
May 13 2013, 10:20 AM
|
no comments
by
Sumner Blount
The “good old days” are gone forever. Those were the days when IT environments were more predictable and easier to control. The user population and their access patterns were more easily defined. Stick a firewall in front of key systems, create some controls around who can access what, and you’re done. The world is far different now. The headlong march towards the cloud has made the prototypical datacenter a thing of the past, or at least has caused a significant evolution in its essential characteristics. Applications and data are now distributed around multiple datacenters, possibly even globally, and possibly in locations that you might not even be aware of. But this is a good thing, because cloud services have enabled a level of business...
Read more...
By: Sumner Blount
Sumner Blount has spent his 25-year career focused on the development and marketing of software products for a range of top-tier enterprise IT firms. Currently, he’s a Director in the Security business unit at CA. Previously he managed the large computer operating system development group at Digital...
Read More..
Published:
May 10 2013, 01:51 PM
|
no comments
by
Russell Miller
It is tempting to think about cyber-attacks as an ever-present, but unchanging threat. To the contrary, attacker profiles have shifted, and new goals and sources of motivation have fundamentally altered the nature of the threat landscape. The trends driving this shift include: The militarization of cyber-attacks. Network penetrations to cause damage and steal intellectual property are now commonly state-sponsored, with highly-trained, disciplined and patient attackers. Military attackers can have access to resources such as training, computing power, and cutting-edge R&D not available to previous generations of attackers. Targets include critical infrastructure to the capture of foreign intellectual property. Recent reports have gone so...
Read more...
By: Russell Miller
Russell Miller has spent over five years in network security in various roles from ethical hacking to solutions marketing. He currently manages marketing activities for the CA ControlMinder products. Russell has a B.A. in Computer Science from Middlebury College and an M.B.A. from the MIT Sloan School...
Read More..
Published:
May 06 2013, 10:18 AM
|
no comments
by
Jim Reno
Like Google and others, Apple recently rolled out new two-factor authentication technology, under the name “two-step verification,” which users can add to their Apple IDs. It’s an optional security measure that applies when the user tries to perform account management operations. Again like Google, it isn’t used for every login, although the specific cases when it is used are different: Google uses the additional factor sometimes during normal login, but Apple uses it only when doing things like changing or resetting a password. I explored the information on Apple’s web site, particularly the FAQs, relating to two-step verification. I also tried adding it to an Apple ID myself to get a feel for the user experience. It’s interesting to me because...
Read more...
By: Jim Reno
Jim Reno is Chief Security architect at CA Technologies. He joined the company with the Arcot acquisition which was completed in October 2010. Jim is one of the inventors of the 3-D Secure protocol used in the Verified by Visa and MasterCard SecureCode programs and he holds multiple patents in the area...
Read More..