Showing posts with label B2B. Show all posts
Showing posts with label B2B. Show all posts

Wednesday, December 23, 2020

You need a Cyber strategy

 https://devops.com/the-best-iam-practices-for-devops/

Most orgs fail to have an internal IAM policy, a partner IAM strategy (B2B), as well as a customer (B2C) strategy.  Due to that, the orgs is all over the place.

Furthermore, the article discusses unstructured data (cloud storage) that is often an issue for orgs as the lack of a strategy leads to a lack of data governance (classification, access controls, etc).  

Posted by at No comments:
Labels: , , , , ,

Tuesday, December 6, 2016

Are passwords going away?

With the introduction of additional associations and research organizations (e.g., FIDO: https://fidoalliance.org/) focused on negating the need for passwords, one might ask if they are going away.

The answer is no, not really.  Password-based credentials will still be around, especially within enterprises, for years to come.  Especially for legacy systems, and administrative access.

With that said, business-to-consumer (B2C) authentication for enterprises will morph considerably, as it already has.  And for that matter, so has business-to-business (B2B) authentication with PKI / x.509 certificate-based authentication for point-to-point VPN / RESTful API.

So, compensating controls in the way of conditional access (CA), multi-factor authentication (MFA: biometrics, OTP, voice, security challenge / questions), etc. will take the lead in identity verification, but passwords will be around for a long time.
Posted by at No comments:
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)