Insider threats – how to fight the vulnerabilities coming from within the company

Insider threats – how to fight the vulnerabilities coming from within the company

Insider Threats

Insider Threats

Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strenghten the protection of data.

Using the need “need to know” principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This webcast session will focus on how to adjust data access rights, implementing the “least privilege principal”, and the use of detective and proactive risk-oriented controls.

Join our 45 min webcast on insider threats on July 28, 2015 at and register here:
Webcast Insider Threats 

IAM for Insurance Provider

Insurer gain secure access to all applications – IAM for insurance provider

IAM for insurance provider

IAM for insurance provider

Insurance providers are often businesses with complex, distributed structures are faced with the challenge of managing complex and heterogeneous IT landscapes centrally and effectively, all the while being under extreme pressure to save time and costs. Mergers and acquisitions have further added to this challenge  in recent years. All the thousands of employees require access to a broad range of different software systems depending on their tasks.

Observations on the Role Life-Cycle

Dynamic organisations need to consider role life-cycle models

Role-Life-Cycle

Role-Life-Cycle

The main goals that companies want to achieve in security administration are enhanced security at a low cost, while coping with the challenges of an increasingly complex IT environment. A high level of security is important to prevent possible losses through fraud and unauthorised disclosure of confidential information. Internal audits often encounter severe security weaknesses which oblige the IT security department to take appropriate countermeasures.

An increasingly dynamic economy is an additional challenge within this context. The most important issues here are the rapid growth of companies, large-scale mergers, the ubiquity of the internet and continuous organisational change.

As most companies intensify their business of the internet, they are dealing with very large numbers of users.

IT Governance as Business Enabler

Access Governance is a must have

Access Governance

Access Governance

Organizations have an ongoing-need to support the companies to reach their strategic objetives. They must enable every employee or involved partner or contractor to perform better. At the same time organizations must manage the involved security risk when using the data and applications . Companies there

fore need to perform role and user management based on audit-compliant processes in order to meet compliance requirements. They require the highest possible level of transparency in order to implement and enforce consistent identity access governance processes.