Welcome to the Security and Risk Management Blog, where you can read the perspectives from security and risk management experts. This Blog provides insights into the security and risk management solution, as well as technical details about specific IBM pr
Are you a member of the TUC?
IN THIS ISSUE
Global Group Updates
User Group Meetings
TUC Member Interview
Todd Loveday , Maximo Project Manager, URS Corporation
Click here to view other TUC Member Interviews... [More]
IBM wants to increase the value of your existing products by bringing you more content through the Integrated Service Management Library . Please take a moment to help us understand what kind of content would be most useful to you by answering this very brief survey.
the next Tivoli User Community webcast: IBM’s Next Generation of IAM solutions
– What You Need to Know Now on
December 12, 2012 at 11:00 am ET, USA.
Reserve Your Webcast Seat Now
In Q4 2012, IBM Security completely
revamped the Identity and Access Management portfolio to address today’s
advanced security threats. Familiar products such as Tivoli Identity Manager
and Tivoli Access Manager for e-business have new IBM Security names and
exciting new capabilities. Plus we’ve announced brand new... [More]
There was a time,
when logging in to your bank account was a simple matter of entering a user ID,
entering a password, and accessing your account.
cash from an ATM, just entailed inserting your card, entering your PIN code,
and grabbing the cash.
Not any more.
When you access your
bank’s web page, something horrible, called ‘malware’, sits on your PC,
remembering every character you type, and sending them all to its sociopathic
owner, so that he can later rob you. When you visit your ATM, a hidden... [More]
News about the IBM Security zSecure suite is regularly posted to SMC - System Z . Recent news of particular interest from a compliance perspective: IBM Security zSecure Audit integration with QRadar SIEM
IBM Tivoli Access
Manager for e-business is a single sign-on (SSO) solution that authorizes and
authenticates user access to Web and other hosted applications.
Tivoli Access Manager’s software is a highly scalable user
authentication, authorization and Web SSO solution for enforcing security
policies over a wide range of Web and application resources. It centralizes
user access management for online portal and business initiatives.
See the support and services Tivoli Access Manager V6.0 has for you and your business needs... [More]
About an hour ago we launched the new developerWorks security site .
I'm excited to have this corner of developerWorks to pull together all
of the existing security articles on dW in one place. But more
importantly we're looking forward to producing a steady stream of how-to
articles and videos on producing secure code and securing your IT
operations at the new developerWorks security site. The
developerWorks security site has two key parts to its "Practices" area.
The first section is devoted to secure software... [More]
The Internet is changing the face of product support. It is an
undeniable fact that the manner in which we attempt to resolve problems,
be they complex software applications or finding the closest Italian
restaurant, is entirely different than 10, 5, or even 2 years ago. In
all facets of our daily lives, how we search for answers to even the
simplest of problems have been forever changed through online technology
and capabilities. The Internet permeates all aspects of our lives; how
many readers of this blog post do not understand... [More]
The European Commission’s Article 29 Data Protection Working Party has issued a lengthy paper codifying the principle of “buyer beware” in its approach to cloud service providers in member states. [Read this post.]
Gain Visibility, Control and Automation across your organization and infrastructure boundaries. Are you looking to increase your personal skills in the Service Management arena? Are a responsible for a team of Tivoli professionals who need to delve deeper into the products? Would you or your team benefit from learning deep technical skills from real experts in their fields? Then the EMEA Tivoli & Security Technical Conference 2012 is just what you need!
Click here to learn more! One of the many business benefits... [More]
The FDA’s Office of Science and Engineering Laboratories referenced work in its FY 2011 report to collect requirements for medical data flight recorders in medical devices. Isn’t there a large mature in dustry in event management that can be applied to this? [Read this post.]
In the aftermath of the LinkedIn password hack, much of the discussion has focused on secondary security issues like password hash algorithms and salting. But the root cause security issue and how to mitigate its risk are being overlooked. http://goo.gl/fi57K
The CloudFlare hack is interesting not because of the damage that was done, but because of the multiple authentication system failures that were exploited to make it happen. It also sheds some light on the Achilles’ Heel of web-based services, the password reset procedure. http://www.itsecurityzone.com/cloudflare-hack/
Gawker is reporting the Mitt Romney Email Hack story. Once again a public email service is embarrassed by a gaping hole in its security which is widely known and easily fixed. What you can do to protect yourself and simple low cost alternative’s to the so-called “security questions.”
The Facebook IPO stumble has rekindled the usual hand-wringing about Facebook’s long term viability in light of the many failed social networking services in the past. But Facebook’s role as an identity service provider using the OAuth standard give it hope of overcoming the Facebook IPO stumble and staying in business when the Next Big Thing comes along and steals away the end users’ attention from their Facebook news feed. [Read this post.]
I'm thrilled to find the all the documentation and support resources for the Tivoli Access Manager for Single Sign-On product on their Tivoli Doc Central page: http://www.ibm.com/developerworks/wikis/display/tivolidoccentral/Tivoli+Access+Manager+for+Enterprise+Single+Sign-On Kudos to the Tivoli Access Manager for Single Sign-On team for providing this all-in-one resource.
These days “role
management” or “identity and access governance” has taken the limelight for
anything related to Identity and Access Management projects. IT organizations are eager to understand
what these technologies provide, and want to ensure that these functions are covered
in any of their identity management project bids. Role management is really only a portion of
Identity and Access Governance, but its underlying benefits are clear and
compelling: better handling over access assignment growing demands,
Welcome to the Security and Risk Management blog. This
blog is one of several within the Service Management Connect community,
and its purpose is to provide readers with ideas and perspectives about
the security and risk management solution directly from the
technical experts. Follow this blog, and you can get tips, tricks, and
perspectives on several security and risk management topics, including: Installation Integration Performance Customization Technical tips and tricks More... If you have specific topics for which you would like... [More]