Access Control: Features

Despite some shortcomings, software-based network access control technology that enforces policies on network endpoints is often the first choice of customers who adopt the technology.

Whether they're in branch offices or home offices, workers are increasingly telecommuting instead of working in a traditional centralized office environment.

The annual report from Georgia Tech Information Security Center identifies five evolving cyber security threats, and the news is not good.

If there is truly a gray zone in the struggle between online good and evil, anonymous proxy servers live there.

Role mining and discovery: The ability to collect user access and authorization information from a variety of resources, associate this data with candidate roles and responsibilities, propose alternative roles and leverage decisions made about the data on an ongoing basis.

Role management software enables the creation and lifecycle management of enterprise job roles, according to Forrester Research. It does this by discovering and logically grouping application-level, fine-grained authorizations and entitlements into enterprise job roles, which can then be assigned to people by rule-based provisioning or request-approval workflows.

The role management software vendor community is relatively young, and as such, Burton Group says there is no clear market leader. Vendors can be categorized into two segments: general purpose solutions and embedded solutions.

The generation gap. It's a term that has been used for decades to describe the differences between people in various age groups. Corporations are constantly considering what makes different generations tick when it comes to recruiting and retaining employees. But security experts say companies also need to examine age-based perspectives and habits when it comes to risk assessment and policies.

If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?"

Think your security staffers are trustworthy? Competent? Knowledgeable? Ask a security professional for horror stories and you might think again.

Remember the old M&M analogy - security is like an M&M candy, hard shell on the outside, soft on the inside. In other words, put up firewalls, built a strong perimeter and you're good to go. Of course, nobody believes that M&M-type security is sufficient in today's world of insider threats, data leakage, mobile workers, thumb drives and sophisticated malware. So, what's the new metaphor? We asked around and came up with a number of interesting and useful ways to think about enterprise security.