Security > Authentication & Access ControlEssentials

Most IT staff would steal sensitive company information, including CEO's passwords and customer details, if they were laid off, according to a new survey from Cyber-Ark.

Sun Tuesday released a commercial version of OpenSSO offering full support and indemnity as it works towards its promise to open source all its software.

What is the solution to the growing number and risks of the identities that are now connected with us all? Will a simple identity trust framework be part of such a solution? How will users be able to reduce the number of passwords they have to handle? This article will attempt to explore these questions.

Nortel hopes to tackle the security of remote work with an "office on a stick," a USB drive that can link an employee's PC with a corporate VPN and keep all the information from a session encrypted.

While external data breaches involving household brand names such as TJX tend to grab more headlines, insider data thefts are emerging as compliance and reputational risks for organizations. Recent studies suggest that over 60 per cent of data breaches originate from an internal source or event. One reason for this is that in today's data-rich environment organizations continue to struggle with the 'human element' at the heart of data security. It can be extremely difficult to balance the protection of sensitive data with granting access to employees who need it to complete their daily job requirements. To that end, organizations have implemented several new security measures including employee education programs, data access monitoring, and strict policies regarding USB ports and portable devices. Although these are steps in a positive direction, little has been done to study and understand how the data is exploited once it leaves an organization.

Two well-known Web sites have completed implementations of MySpace's data portability program, which has also been modified to allow a degree of user data caching and storage by external Web sites and to support the OpenID single sign-on method, MySpace announced Monday.

Trusted Computing Group has expanded its interest in NAC to include the way devices behave once they have been admitted to networks, and the group is demonstrating this capability at Interop Las Vegas.

A quick highlight of products from CyberArk, eDMZ Security, Quest and Symark.

Looking to expand its line of identity management products, Hitachi has bought a majority ownership interest in M-Tech Information Technology, a vendor of password management software.

Microsoft's network access control client in Vista and now in Windows XP has a lot of IT executives excited, according to an informal poll of about 250 attendees of an Interop Las Vegas NAC seminar who are actively considering deploying the access technology.