Home/IDM360

The Dangers of SAML Replay Attacks

By |2019-09-17T14:59:33-05:00July 31st, 2019|IDM360, SAML PEN Testing|

The Dangers of SAML Replay Attacks Click 'Learn More' button to explore AssureBridge IDM 360™ SAML PEN Testing suite. Introduction Single Sign-on represents a significant attack vector for hackers.  It is particularly vulnerable for two reasons.  If SSO is hacked, then by definition an illicit party has gained access to your [...]

Top IDM Challenges in Mergers and Acquisitions

By |2019-07-31T11:36:21-05:00July 12th, 2019|IDM360|

Top IDM Challenges in Mergers and Acquisitions When companies merge, they face a distinct set of identity management challenges.  This is due to each former company having its own identity management system complete with a distinct set of users, applications and directories.  After the merger, they want to combine into a single [...]

Top IDM Challenges when Exposing Internal Applications to Customers

By |2019-07-12T14:02:22-05:00July 12th, 2019|IDM360|

Top IDM Challenges when Exposing Internal Applications to Customers Companies are increasingly providing direct systems access to their customers.  This streamlines service, improves satisfaction and fosters a sense of community. Systems such as inventory, billing, ticketing and custom business applications are made available via the web directly to customers, partners, suppliers and [...]

Top Challenges Consolidating to a Central Identity Management System

By |2019-07-12T13:31:14-05:00July 11th, 2019|IDM360|

Top Challenges Consolidating to a Central Identity Management System Organizations manage a wide variety of identities.  These include employees, contractors, customers, partners, vendors and prospects.  Most organizations have grown organically or through mergers.  They find their identity management (IDM) infrastructure spread out across the enterprise. Figure 1: Distributed User Identity Distributed Identity [...]

Top 5 Challenges Implementing SAML Single Sign-On for Liferay Portal

By |2019-07-11T15:09:59-05:00January 24th, 2018|IDM360, Liferay SSO|

Top 5 Challenges Implementing SAML Single Sign-On for Liferay Portal Single Sign-On (SSO) using SAML can easily become a serious undertaking for any project or application. There are numerous unexpected challenges that arise along the way. This becomes even more challenging when dealing with a complex platform such as Liferay Portal and [...]

Implementing CAC smart card authentication for Web Sites

By |2016-10-13T14:30:45-05:00November 5th, 2015|IDM360, Multi-Factor Authentication|

Implementing CAC smart card authentication for Web Sites This blog discusses how to enable web sites to support access via the Department of Defense Common Access Card (CAC). What is a CAC? The Common Access Card  is a secure identification card issued to Department of Defense (DOD) personnel and civilian contractors.  It is a [...]

Active Directory for Customer Records

By |2016-10-13T14:30:51-05:00October 28th, 2015|IDM360|

Active Directory for Customer Records Microsoft Active Directory is one of the most popular Identity management systems for storing employee records.  It is a required component for any organization that uses Microsoft Windows domains and thus is ubiquitous in Microsoft shops. Typical information stored about employees include name, department number, user id, password, group [...]

Multifactor Authentication FAQ

By |2016-10-13T14:30:53-05:00October 23rd, 2015|IDM360, Multi-Factor Authentication|

Multifactor Authentication FAQ What is multi-factor authentication? Multi-factor authentication requires users logging in to prove who they are in multiple (typically two) ways. Examples of proof include: You know something that no one else knows (like a password) You have something that no one else has (like your cell phone*) A unique physical [...]

Implementing Corporate Single Sign-on

By |2016-10-13T14:30:59-05:00October 23rd, 2015|Corporate Single Sign-On, IDM360|

Implementing Corporate Single Sign-on From my previous blog we saw that implementing Corporate SSO is one of the most cost effective ways to enable cloud-based employee services and tools. Integration to each cloud services has a small to medium start up effort but then immediately starts paying benefits in terms of reduced cost of [...]

The case for Corporate Single Sign-on

By |2019-09-26T14:40:20-05:00October 19th, 2015|Corporate Single Sign-On, IDM360|

The Case for Corporate Single Sign-On Corporate single sign-on (SSO), allowing employees connect to all internal and external system with a single user id and passwords has long been a goal of IT managers. They traditionally, site the effort of maintaining multiple userids/passwords, the time spent performing password change and reset and the resultant [...]