Action Identity Blog

The primary push for acquiring strong, two-factor authentication is to satisfy the CJIS Mandate.  Many state and local police departments require access to the NCIC (National Crime Information Center).  In order to retain access to this information, all law enforcement agencies must comply with the CJIS Mandate’s demand for strong, two-factor authentication.  The cut-off for this date is at the end 2012, meaning that all law enforcement departments who have not satisfied the requirements of the CJIS Mandate, but wish to retain access to the NCIC, shall be fined.

Read more...

With Identity Management becoming a more prevalent and a bigger part of your business, you’re going to want an application that can keep an eye on anything that might go wrong in your system. For that purpose, NetIQ Sentinel 7 Log Manager is the perfect tool. With its near plug-and-play installation, and one-click reporting, Sentinel 7 Log Manager can make the lives of your IT personnel easier, and make the cost of deployment, management, and storage shrink.

Read more...

Single sign-on, or SSO, is a type of access control for software systems to use to authenticate users’ credentials when accessing secure systems. SSO helps reduce password phishing and password fatigue by allowing the users to only enter their password once. This extra form of authentication also supports conventional authentication like Windows Credentials, and allows a company using SSO to reduce the costs of IT help desk calls regarding forgotten passwords. There are many vendors out in the marketplace for Single Sign-on software, but one that is exceptional and easy to integrate into most Windows based systems is Novell SecureLogin 7.

Read more...

Health care systems have a lot of responsibility protecting and maintaining the information patients provide them. Throughout the years, many rules and policies have been set into place protecting patients’ information. Starting in 2003, the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule came into effect requiring the confidentiality of patient records on paper and set retention periods for some kinds of medical information regardless of media. On April 21, 2005, the HIPAA Security Rule went into effect for larger organizations mandating the protection and control of electronic medical records, or EMRs.

Read more...

2011 has probably been one of the worst years for security breaches in the history of networking.  As I write this post, I am looking at reports of private information left available in a publicly readable location or sold by employees looking for a quick buck -and this all within the last month!  Organizations clearly have more threats than ever, both from within and without.

Read more...