Tag: RSA Conference

How Not To Enhance Your Customers Security

RSA Conference is a little too big to be manageable any more. But a quick glance at the companies showing up at the 2016 edition and at the session topics is always a good indicator of current trends. And so it is with a mix of interest and disappointment that I take in the (long)

Microsoft releases U-Prove under OSP

Back in 2008, Microsoft acquired some innovative technology called U-Prove that promised to solve an age old privacy question: How can I disclose the minimal information that I need to for the purpose of an online transaction, without having to also disclose additional (sensitive) information to establish trust in that first set of data. U-Prove

RSA Conf. Notes: Looking For Practical Approaches to IAM

I attended a very informative session entitled “Enterprise IAM Challenges – A Practical Approach to RBAC” given by Jeff Bardin, the CISO at Investors Bank and Trust. It was a frank, open account of his experience leading a team on an IAM project that took his previous employer from a failed audit to a successful

RSA Conf. Notes: Talking about Account Reconciliation

I attended a session titled “Delivering Security Integration with Compliance” by IBM’s Stuart McIrvine. During the session, he laid out the various governance frameworks for IdM (SOX, COSO and COBIT among others) and detailed how IBM’s Tivoli family of IdM products could be used to implement them as part of an IdM practice. As he

RSA Conf. Notes: Unfortunate Coincidence or…?

I’m here at the annual RSA Conference, and it is just as busy as every year. Everyone who is anyone in security is here, which is why certain vendors are conspicuous by their absence (talk about reverse marketing), but that’s a different issue. Every year, it seems like one topic is at the top of

My thoughts heading into 2007

It has been a long time since my last post. The fact that it coincided with the holiday season shouldn’t lead you to think that I was enjoying some well deserved time off. It has, in fact, been quite the opposite. Things have been really busy in the identity management group recently, and I have