http://community.ca.com/blogs/iam/default.aspxInsight and opinion on the world of security management. This is the place for commentary on industry issues, articles and reports on topics such as managing identities and their lifecycles; securing access to data and resources; securing Web business applications and services; and managing security logs and information.enCommunityServer 2007 SP1 (Build: 20510.895)http://www.ca.comhttp://www.ca.com/images/global/logo_172900.gifCS_CAIAMBloghttp://feedburner.google.comSubscribe with My Yahoo!Subscribe with NewsGatorSubscribe with My AOLSubscribe with BloglinesSubscribe with NetvibesSubscribe with GoogleSubscribe with Pageflakeshttp://feeds.ca.com/~r/CS_CAIAMBlog/~3/R5S76wQwmVs/cloud-iam-services-everyone-s-new-punching-bag.aspxMon, 30 Jan 2012 15:36:00 GMT8d07cc69-a460-48f1-844d-25b05ba87317:8501Merritt Maxim0http://community.ca.com/blogs/iam/archive/2012/01/30/cloud-iam-services-everyone-s-new-punching-bag.aspx#commentscloud computingFederationIAM TrendsIdentity and Access ManagementIdentity ServicesSaaS SecurityAny new product or technology is invariably accompanied by certain levels of skepticism and cynicism.&nbsp; Whether it is the latest smart phone lacking a certain mega-pixel camera or a new version of enterprise software not supporting a given operating system or standard, critics will always appear to question these new products&#39; viability. As we enter 2012, cloud computing, or more...<br/> <br/> &nbsp;<img src="http://feeds.feedburner.com/~r/CS_CAIAMBlog/~4/R5S76wQwmVs" height="1" width="1"/>http://community.ca.com/blogs/iam/archive/2012/01/30/cloud-iam-services-everyone-s-new-punching-bag.aspxhttp://feeds.ca.com/~r/CS_CAIAMBlog/~3/X3MpyQUyfB0/dlp-as-a-process.aspxWed, 18 Jan 2012 12:38:00 GMT8d07cc69-a460-48f1-844d-25b05ba87317:8431Henk van der Heijden0http://community.ca.com/blogs/iam/archive/2012/01/18/dlp-as-a-process.aspx#comments&nbsp; I read with interest recently a paper from Forrester called ‘Rethinking DLP&#39; by John Kindervag. John made two observations about DLP strategies today: 1) strategies treat DLP as a product rather than an embedded function or process 2) most strategies focus on financial data such as cardholder information or personal identifiable information such as social security numbers in the...<br/> <br/> &nbsp;<img src="http://feeds.feedburner.com/~r/CS_CAIAMBlog/~4/X3MpyQUyfB0" height="1" width="1"/>http://community.ca.com/blogs/iam/archive/2012/01/18/dlp-as-a-process.aspxhttp://feeds.ca.com/~r/CS_CAIAMBlog/~3/o35DIQp5-_c/what-i-learned-at-the-12th-international-common-criteria-conference-part-2.aspxTue, 20 Dec 2011 13:35:00 GMT8d07cc69-a460-48f1-844d-25b05ba87317:8274Joshua Brickman0http://community.ca.com/blogs/iam/archive/2011/12/20/what-i-learned-at-the-12th-international-common-criteria-conference-part-2.aspx#commentsCommon CriteriaICCCOpen Trusted Technology Forumo-TTFSecuritysecurity managementSupply ChainIn October, I wrote about the issue that the &quot;Common&quot; in Common Criteria is at risk of disintegrating, which was the first of two main themes from the International Common Criteria Conference (ICCC), in Kuala Lumpur, Malaysia. As promised, in this post, I cover the second main theme: supply chain integrity.&nbsp; This year I introduced the rather small Common Criteria (CC) community...<br/> <br/> &nbsp;<img src="http://feeds.feedburner.com/~r/CS_CAIAMBlog/~4/o35DIQp5-_c" height="1" width="1"/>http://community.ca.com/blogs/iam/archive/2011/12/20/what-i-learned-at-the-12th-international-common-criteria-conference-part-2.aspxhttp://feeds.ca.com/~r/CS_CAIAMBlog/~3/1erv0ix6gks/coit-part-2-security-of-mobile-users-does-it-differ-from-security-for-non-mobile.aspxTue, 13 Dec 2011 20:35:00 GMT8d07cc69-a460-48f1-844d-25b05ba87317:8226Sumner Blount0http://community.ca.com/blogs/iam/archive/2011/12/13/coit-part-2-security-of-mobile-users-does-it-differ-from-security-for-non-mobile.aspx#commentsAccess ControlauthenticationBYODCoITconsumer driven ITconsumerizationconsumerization of ITencryptionSecurityA few months ago, I posted a blog on Consumerization of IT (here) where I explored some of the causes and impacts of this important trend (wow....has it really been that long since I last blogged?&nbsp; What have you been doing all this time, Sumner?).&nbsp; I mentioned in that blog that there would be a follow-up blog on some of the security implications relating to CoIT.&nbsp; Well, here is...<br/> <br/> &nbsp;<img src="http://feeds.feedburner.com/~r/CS_CAIAMBlog/~4/1erv0ix6gks" height="1" width="1"/>http://community.ca.com/blogs/iam/archive/2011/12/13/coit-part-2-security-of-mobile-users-does-it-differ-from-security-for-non-mobile.aspxhttp://feeds.ca.com/~r/CS_CAIAMBlog/~3/30otrunuJrA/need-to-manage-the-identities-for-an-entire-country-or-small-city-there-s-an-app-for-that.aspxTue, 06 Dec 2011 13:55:00 GMT8d07cc69-a460-48f1-844d-25b05ba87317:8190Merritt Maxim0http://community.ca.com/blogs/iam/archive/2011/12/06/need-to-manage-the-identities-for-an-entire-country-or-small-city-there-s-an-app-for-that.aspx#commentsCA WorldIdentity Managementscalabilitysecurity managementTraditionally, identity management solutions were deployed internally to support employees and other third party users like partners.&nbsp; These identity management solutions (from multiple vendors) are currently in use in organizations or all sizes across all vertical markets around the world, generally dealing with user populations in the thousands.&nbsp; But in today&#39;s increasingly...<br/> <br/> &nbsp;<img src="http://feeds.feedburner.com/~r/CS_CAIAMBlog/~4/30otrunuJrA" height="1" width="1"/>http://community.ca.com/blogs/iam/archive/2011/12/06/need-to-manage-the-identities-for-an-entire-country-or-small-city-there-s-an-app-for-that.aspx