1(630)802-8605 Ravi.das@bn-inc.net

In today’s blog, we start up our theme on the Identity Access Manager.  In a way, it is like the Password Manager, but it is used at a much higher level that just for passwords.  Rather, it is used by the entire business or corporation to protect its IT assets and related Intellectual Property.  Here we go:

Introduction

In today’s environment, both on a professional and personal level, we are constantly accessing resources through our wireless devices, Smartphones, laptops, notebooks, etc. We access information in order to fulfill two types of needs:

  • Curiosity;
  • We need an answer to a specific question, or a response to a specific scenario.

Keep in mind that all of this information we are accessing comes from online resources.  Most of this can be simply gleaned by going to a web page, and filtering for what we need.  But then, there are also those resources which possess a much more granular level of detail, and thus they can only be accessed by having the necessary clearance privileges, namely the password.

But, with the level of the sophistication of Cyber based attacks we are seeing these days, simply using the traditional username/password combination is now proving to be the weakest link in the security chain.  For example:

  • It is very easy for a Cyber hacker to launch a dictionary style attack against a server in order to hijack the passwords of each individual;
  • The most commonly used password is “Password”;
  • Most passwords are created with the weakest levels of security entropy in mind. For example, passwords are often formulated using the name of a favorite color, name of a best friend, name of a pet, a birthdate, name of company that one works for, etc.
  • Businesses and corporations these days are now mandating the use of extremely long and complex passwords. For instance, the password must be at least 10 characters long, and has to consist of punctuation marks, numbers, and both uppercase and lowercase letters.  Because it is so difficult to remember these passwords, employees are now writing them down on Post It Notes, and attaching it to their workstation monitor in plain sight.  This has become known as the “Post It Syndrome”.  This has gave security consequences, as anybody can see these passwords in plain sight and steal them.

In tomorrow’s post, we start to look into the nitty gritty of the Identity Access Manager.  So stay tuned!!!