In Depth

In Depth

Identity and access management products

• Five ways to ensure remote working security and compliance

  A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security  Continue Reading

• The rise and rise of supply chain attacks

  Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains  Continue Reading

• Buying a VPN? Here’s what you need to know

  VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these  Continue Reading

• How do I get my users to pay attention to security training?

  As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees?  Continue Reading

• Deploying productivity monitoring software ethically

  While software that tracks the activities of staff can be helpful to companies with a remote workforce, managers must consider employees’ concerns and privacy  Continue Reading

• How can healthcare organisations fight increased cyber crime in 2021?

  As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care  Continue Reading

• Picking the right IAM tools is based on more than today’s needs

  With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure ...  Continue Reading

• Security Long Reads: Cyber insiders reveal what’s to come in 2021

  In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021  Continue Reading

• Post-pandemic approaches to IAM for cloud security

  Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal  Continue Reading

• Credential stuffing: When DDoS isn’t DDoS

  Ten years ago, credential stuffing attacks posed a comparatively minor threat, but with an escalating number of data breaches, the threat posed has now increased. What are the solutions to this very human problem?  Continue Reading

• APT groups’ mobile momentum finally faces resistance

  State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back  Continue Reading

• How to apply zero-trust models to container security

  Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them?  Continue Reading

• What are the security priorities for the post-coronavirus world?

  The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising?  Continue Reading

• How APAC firms are coping with the Covid-19 outbreak

  The air of change looms large in companies operating in the Asia-Pacific region, with some doing better than others in keeping the lights on amid the coronavirus pandemic  Continue Reading

• Why security validation matters

  FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape  Continue Reading

• Coronavirus: How to implement safe and secure remote working

  Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves  Continue Reading

• Inside the SOC: the nerve centre of security operations

  Security operations centres are the bedrock of any cyber defence strategy, but operating one is increasingly challenging, with mounting workloads and a shortage of skilled personnel  Continue Reading

• Startup uses machine learning to support GDPR’s right to be forgotten

  Non-intrusive algorithms enable users to track which companies hold their data, so they can take it back  Continue Reading

• McAfee’s push for secure cloud adoption

  Organisations must do more to secure their cloud environments as malicious actors increasingly focus their attention on exploiting cloud vulnerabilities, says McAfee  Continue Reading

• Putting blockchain technology to good use

  Experts share their views on the best and most effective ways information security professionals can use blockchain technology  Continue Reading

• Inside blockchain and its various applications

  We explore the technology around blockchain shaping how businesses use data  Continue Reading

• Mitigating social engineering attacks with MFA

  The growing frequency of social engineering attacks highlights the increasing need for organisations to take steps to mitigate the effects of phishing  Continue Reading

• How to bolster IAM strategies using automation

  Identity and access management processes and technologies play an important role in security strategies, but organisations and IT professionals need to ensure these strategies are robust enough to deal with new threats  Continue Reading

• How IT pros are building resilience against email security threats

  For most people, emails are an easy and harmless way to communicate in the workplace, but they could also be a security disaster waiting to happen  Continue Reading

• Facebook’s privacy game – how Zuckerberg backtracked on promises to protect personal data

  Facebook promised its users privacy then quietly abandoned its promises in pursuit of profits. Now it faces antitrust regulation  Continue Reading

• Data governance: The importance of getting it right

  With ever-increasing storage capacity, organisations are needing to take more control of their file management systems with thorough data governance policies. Otherwise, they run the risk of project data being exposed  Continue Reading

• A guide to choosing cloud-based security services

  Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security  Continue Reading

• It’s complicated: How enterprises are approaching IAM challenges

  Identity and access management challenges are evolving with digital transformation. Computer Weekly explores some of the ways organisations are ensuring the right people gain the right access to the right resources  Continue Reading

• An insider’s look into the dark web

  A principal research scientist at Sophos offers a glimpse into the abysses of the dark web in a bid to uncover what cyber crooks are up to  Continue Reading

• How Australia is keeping pace with ICS threats

  Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices  Continue Reading

• Cyber resilience key to securing industrial control systems

  Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures  Continue Reading

• Digital identity: Is the puzzle about to be solved?

  Solving the digital identity problem is key to the future of the digital economy as a whole – but how close are we? Computer Weekly looks at what is happening with Gov.uk Verify, private sector involvement, and lessons the UK could learn from other ...  Continue Reading

• Getting a handle on mobile security in your enterprise

  Everyone now has a mobile device at work, so how can enterprises ensure they are secure?  Continue Reading

• Where the device hits the network – a mobile device management update

  As business becomes increasingly mobile, we look at the latest trends in mobile device management to give businesses the edge  Continue Reading

• Dealing with data under GDPR

  With the General Data Protection Regulation due to be enforced next year, Computer Weekly looks at how to address the requirements to suit your business  Continue Reading

• What it takes for Singapore’s digital ID system to succeed

  Strong data protection measures and private sector collaboration will be instrumental to the success of Singapore’s upcoming national digital identification system  Continue Reading

• Enterprise wireless: trends and developments in 2017

  What will be the main developments in wireless this year and what challenges will this bring to enterprises?  Continue Reading

• The cyber threats lurking within every company

  Insider threats have been around for a long time, but it is only recently that people have begun to acknowledge the true danger they pose  Continue Reading

• The problem of passwords and how to deal with it

  Security experts have long recognised passwords as inadequate, but finally technology is offering some viable alternative authentication methods that businesses can explore to keep their data safe  Continue Reading

• How to manage IT access for external users

  Identity and access management has extended from being solely an internal IT management process to focus on external business engagement too  Continue Reading

• IAM is the future for managing data security

  Why identity and access management is taking centre stage in companies’ access policies  Continue Reading

• The true cost of a cyber security breach in Australia

  The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting.  Continue Reading

• How technology is helping deliver aid to Syrian refugees in the Middle East

  The Syrian refugee crisis has engulfed the Middle East, but technology is proving to be an essential tool to help aid organisations support displaced people  Continue Reading

• Mobile strategies increase need for data loss prevention technology in Europe

  Data loss prevention technology that covers all popular mobile platforms and is easy to use and implement is called for as mobile strategies evolve  Continue Reading

• Mobile security -- what works and what doesn't?

  Experts told the CW500 Security Club how mobility brings new challenges to security departments and an opportunity to go beyond building walls around the enterprise  Continue Reading

• Asean organizations braced for cyber attack

  As an emerging economic power bloc, Asean is bracing itself for an influx of cyber crimes as hackers look for lucrative targets  Continue Reading

• Australian businesses under cyber attack

  What are the cyber security risks facing businesses in Australia and New Zealand and how are organisations addressing them?  Continue Reading

• Belgium gets the market to solve authentication for free

  The Belgian federal public service Fedict is responsible for defining and implementing the federal e-government strategy in Belgium  Continue Reading

• Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance

  Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden  Continue Reading

• Companies must act quickly to tackle cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• Companies must act quickly to combat cyber crime

  With cyber attacks becoming more sophisticated and widespread, companies must take stronger measures to prevent and tackle them  Continue Reading

• Interview: Fujitsu CTO Joseph Reger on human-centric innovation

  Joseph Reger, Fujitsu's EMEIA CTO, discusses human-centric innovation and the need for responsible attitudes to technology  Continue Reading

• Companies driving growth of cloud

  Companies and organisations are increasingly adopting cloud services for more secure and efficient device management  Continue Reading

• The business challenges and benefits of identity and access management

  IT leaders gathered at a CW500 Club meeting to hear from peers about the challenges of identity and access management  Continue Reading

• What ingredients go into the successful app store?

  An enterprise app store should provide the controlled availability of apps for employees.We look at what is available for organisations to use  Continue Reading

• CW 500 Security Club: Securing the end point: a key challenge for business

  With multitudes of devices connecting businesses and their customers to interlinking systems, securing the end point has never been more vital  Continue Reading

• Businesses are beginning to adopt context-based security

  It is more than 10 years since context-aware security was proposed. We look at how the technology has evolved.  Continue Reading

• Hacktivism: good or evil?

  IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics  Continue Reading

• Collaboration is key in enterprise security puzzle

  Collaboration is key to security, cyber security professionals told attendees of Trend Micro’s customer event in London  Continue Reading

• Security experts struggle to solve access conundrum

  Finding the balance between the needs of the business and its regulatory requirements is an ongoing challenge.  Continue Reading

• Digital identities could help to improve enterprise BYOD

  Allowing employees to use their own digital identity may reduce issues such as remembering multiple passwords and security reporting.  Continue Reading

• Manage identity and access to improve business processes

  Streamlining identity and access management is essential to exploiting your organisation’s assets and employees’ productivity.  Continue Reading

• CW500: Managing the mobile workforce (part 1)

  Mobile working has transformed Colt Telecommunications beyond recognition over the past three years  Continue Reading

• Interview: Angela Tucci, chief strategy officer, Symantec

  Angela Tucci, chief strategy officer at Symantec, talks to Computer Weekly about the company's strategic plans  Continue Reading

• Royal Holloway 2012: Designing a secure contactless payment system

  In his Royal Holloway thesis, Albert Attard proposes a contactless payment system to make card-not-present credit card transactions more secure.  Continue Reading

• Bank of India’s 2FA with mutual authentication goes beyond OTPs

  Indian BFSI major Bank of India chose mutual authentication when it required a two factor authentication (2FA) solution. There’s been no looking back.  Continue Reading

• How to formulate an effective smartphone security policy

  The mobile revolution offers new ways of working, but what are the challenges and how can they be overcome?  Continue Reading

• Computer Weekly / TechTarget IT priorities survey 2012

  Learn which IT priorities are at the top of UK IT managers lists for 2012. Coverage from across our network includes cloud, budget cuts, networking, security, disaster recovery and more.  Continue Reading

• When X.509 security certificates fail, servers break

  Why are X.509 certificates causing computers to stop dead?  Continue Reading

• Security Think Tank: What is the most important nut for infosec to crack in 2012?

  What is the most important nut for infosec to crack in 2012?  Continue Reading

• Opinion: Firms can’t or won’t address social networking security risks

  It's a common refrain: Even companies that are aware of social networking security risks don't do anything about them.  Continue Reading

• Alternatives to passwords: Replacing the ubiquitous authenticator

  As the relative security of passwords falters, are they destined for obscurity?  Continue Reading

• The security threats of technology ubiquity

  The ubiquity of mobile technology and internet-connected devices present new threats and increase the challenges for IT security managers.  Continue Reading

• CW500: Public sector IT in an age of austerity

  The role of CIOs in local government is changing as the sector faces a period of unprecedented austerity and cut-backs  Continue Reading

• Creating a secure platform for smart card programmers

  Royal Holloway authors discuss a new architecture for trusted computing in which an existing fixed-function Trusted Platform Module (TPM) is coupled with user application code running on a programmable smartcard.  Continue Reading

• 2009 Royal Holloway University of London MSc thesis series

  Read a group of information security articles -- from the highly technical to the basic -- authored by recent MSc graduates of Royal Holloway University of London (RHUL).  Continue Reading

• Identity management: an employee-centric approach

  Use (ISC)2 logo online & print

  Identity management: an employee-centric approach

  By Matt Came, CISSP

  Organisations have had five years...

   Continue Reading

• Royal Holloway University of London MSc thesis Series

  This is a series of 12 thesis articles from MSc students at the Royal Holloway University of London, discussing security issues of the future.  Continue Reading

• Experts: IDS is here to stay

  IDS technology has survived predictions that it would be replaced by IPS. One expert says it will remain a separate product while IPS is folded into firewalls.  Continue Reading

• Identity management: the expert view

  Identity management has become a key issue in information security. Governments and businesses are using identity management systems to provide and control access to places and services such as bank accounts, buildings and computer applications.  Continue Reading

• RFID privacy, security should start with design

  Companies planning to deploy radio frequency identification technology (RFID) must demand that privacy and security issues are addressed early.  Continue Reading

• Quiz: Using IAM tools to improve compliance

  A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Identity and Access Management Security School.  Continue Reading

• U-turn cuts risks of ID card scheme

  Plans for population database and iris scans dropped, deadline pushed back, but security and confidentiality demands will be met, says Passport Service chief  Continue Reading

• Review: Lancope StealthWatch 5.5 offers more than IDS

  Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition.  Continue Reading

• Scope out your ID risks and goals

  To be successful, an identity management initiative needs clear planning to prioritise for quick wins while ensuring that longer-term business objectives are met  Continue Reading

• Identity management for SOA era

  In the first article in this series I highlighted a broad range of business and technology trends which demand identity management.  Continue Reading

• Putting the identity pieces together

  Identity management is key in controlling corporate risk and meeting regulatory requirements. The trick is to find a solution that works any time, any place  Continue Reading

• Identity and Access Management Security School

  This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.  Continue Reading

• Police get Streetwyse to mobile ID checks

  West Yorkshire Police able to access records on the beat via Blackberries  Continue Reading

• Your shout: Online ID card use warning, MiFID is an opportunity

  Computer Weekly readers' give their views  Continue Reading

• Viruses: the challenge to developers

  The recent Zotob attacks remind me of an IDC report, which suggested that most organisations in Western Europe have a lacklustre approach to IT security, hoping that if they ignore the problem it will pass them by. As a result, the majority still ...  Continue Reading

• How to survive a data breach

  When Colin Crook offers advice on how companies should deal a security breach, he speaks from experience. He was CTO of Citicorp [now Citigroup, parent company of Citibank] 10 years ago when a hacker penetrated the company's network.

  Crook...  Continue Reading

• Many medicines but no cure for online ID theft

  Banks and online retailers are struggling to protect their customers from criminals who covet their personal financial...  Continue Reading

• MPs slam lack of clarity in ID card scheme

  Home Affairs Select Committee criticises the government's plans to introduce national ID cards as poorly thought out and lacking...  Continue Reading

• Experts voice concern over national identity cards

  Experts voice concern that thte government's ID card scheme goes beyond its brief and could raise data protection issues and...  Continue Reading

• Council IT manager calls for Whitehall guidance on plans for user authentication

  New system means Medway Council is set to meet the e-gov deadline, but there is no point rolling out smartcards if ID cards will...  Continue Reading

• Thought for the day: Who do you think you are?

  Simon Moores asks, will your ID card paint a true picture?  Continue Reading

• RFID bag-tag test proves a soaraway success

  Delta Airline's RFID luggage tagging test notched up a staggeringly accurate tracking rate. However, the airline has admitted...  Continue Reading

• Thought for the day: The eyes don't have it for ID

  The UK government is going for overkill with its scheme for ID cards carrying biometric technology, says Bart Vansevenant.  Continue Reading

• Automatic ID management pays dividends

  With many security breaches originating inside the firewall, it makes sense to use an automated identity management system - and...  Continue Reading