Posts by Cathy Lemeshewsky

Cathy is our senior product marketing manager for Centrify Identity Service. Before Centrify, Cathy wrote about WAN, SDN and data center networking at Silver Peak, IBM, Blade Network Technologies, Nortel, and Alteon WebSystems.

It's All About Identity

Dear Taxpayer: We Still Can’t Guarantee Your Security

By , March 21, 2016

2015 was the year of the U.S. Internal Revenue Service (IRS) Get Transcript identity theft. Since the spouse and I were affected by this breach last year, I figured I’d better have a look into any recent developments. The IRS has implemented new safeguards for 2016 to help taxpayers verify their identity and the validity of their tax returns, before it will accept the returns for processing. Here’s a summary: Stronger password with a minimum of eight characters, including alphanumeric and special characters Three security questions to verify identity upon login Account lockout features for session length, and number of login attempts Email address verification, via email or text…

From the Cloud

5 Nuggets of Wisdom from the Gartner IAM Conference

By , December 30, 2015

The Gartner IAM conference was such a whirlwind earlier in December. I was fortunate to attend a number of sessions from Gartner analysts and guest speakers. Let me break down some of the key takeaways that I learned:  1. Combining two authentication factors of the same kind does not increase security. Are you implementing two-factor (multi-factor) authentication the right way? Authentication factors require a mixture of three main types of authentication: knowledge, possession, and inherence. If we ask someone to authenticate with two knowledge factors, is this really secure? It’s easy to hack two authentication factors if they are available…

It's All About Identity

Time to Reset Your Password? Get Out the Dice

By , November 9, 2015

In the past week, I have been prompted several times a day to change my network password. And I’ve been putting it off each time I see that annoying pop-up window. Why? Because I’m sick and tired of coming up with a unique password! And who isn’t? But I’m getting close to my 90-day password use limit, and yes, I’ll have to do something about it soon. There has to be a better way to select a good password. One that’s easy to remember but hard to crack. You see, the rules for generating complex passwords are well known. Any programmer worth his or her salt can figure…

It's All About Identity

Dear Taxpayer: You’ve Been Breached

By , October 15, 2015

A few weeks ago the spouse and I learned of an identity theft — our own. We received a notice from the Internal Revenue Service. It said that someone had filed a false return in our names, in an attempt to steal our tax refund. I’m glad IRS flagged the return and sent us a letter. But everyone’s favorite government agency has had to learn its vigilance the hard way. In 2013, it paid out $5.2 billion in fraudulent identity theft tax refunds. The IRS breach is a product of a much bigger problem: large-scale data breaches involving identity and…

From the Cloud

Does Migrating to Office 365 Have to Be So Difficult?

By , August 27, 2015

Does migrating to Office 365 have to be so difficult? IT certainly seems to think so. At the Gartner Catalyst conference in San Diego earlier this month, analyst Mary Ruddy outlined ten mistakes organizations tend to make when deploying identity and access management (IAM) for Office 365. One snag is how to connect to Azure Active Directory. Azure Active Directory is Microsoft’s cloud-based directory, which is the recommended for connecting into Office 365.   Active Directory is the near-ubiquitous on-premises directory that’s been widely used since Windows Server 2000. She outlined two common use cases for managing identity for Office 365,…