Chase Away Cloud Challenges: User Access Governance & Compliance

Alan Norquist, CEO & Founder, Veriphyr, Inc.
Whether you are taking advantage of cloud-based commercial applications or moving your own custom application to a cloud infrastructure, your organization is facing new challenges with user access governance and compliance.

This presentation will cover the steps you'll need to take both contractually and operationally to ensure that user access of your cloud-based applications is as secure and compliant as your data-center applications.

The content will focus on:
- Key contract terms you need to be able govern user access
- What architectural components are critical to your user access governance
- What about cloud-based Identity & Access Management services?
- Operational talks required to support user access governance
- How user access governance is evolving to meet cloud compliance
May 23 2012
45 mins
Chase Away Cloud Challenges: User Access Governance & Compliance
More from this community:

IT Governance, Risk and Compliance

  • Live and recorded (3295)
  • Upcoming (64)
  • Date
  • Rating
  • Views
  • Portfolio planning activities have struggled to gain respect in most businesses. Lack of enterprise-wide orchestration arises from a lack of effective involvement and intimate business knowledge – not simply of operations and processes, but of business imperatives, obstacles and desired outcomes. And the information systems aspects continue to be planned in splendid isolation from the business, causing IT people to mistakenly celebrate victory when a new IT system goes live. However a project only really starts when the IT goes live, and so the planning needs to be fully integrated. This can only be accomplished first by building strong relationships with business peers that will result in measurable value creation. The next step is to implement a sophisticated PPM system that can handle the extreme complexity of orchestrating all the business and related technology portfolio of initiatives, capable of optimizing the plans (and the outcomes) as the business environment changes.

    To achieve this, a new PPM model needs to be created to look at portfolio management in a holistic way, enterprise-wide. Planners need a capability that will generate multiple scenarios and real-time decision support. This dimensionality and complexity is well beyond the capacity of the human brain. By implementing such a tool, IT would be positioned as a critical partner with the business – not just in implementing mainstream information systems, but also in helping the business with a much better way to plan and manage all of its key initiatives effectively

    This session focuses on how enterprise leaders and divisional leaders and IT leaders should be working in harmony to orchestrate great business outcomes, rather than looking after their parochial interests.
  • The development of a solid product innovation strategy is undoubtledly a collaborative effort, and company cultures that support an open and robust dialog will be more able to evolve their strategies to address their changing business environments.

    Attend this webcast featuring Michelle Jones from Stage-Gate International as she discusses how these companies are better equipped to address risk and derive more value from their product innovation efforts. Also hear why aligning your product innovation strategy is an important precursor to making continuous strategic assessments and project prioritization decisions.

    All attendees will gain insight into the 5 key elements that comprise a consensus based innovation strategy, the importance of clearly communicating that strategy to drive strategic portfolio management, and the metrics to measure performance.

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • Wall Street expects it and customer demand it – accountability from Sr. Executives for the future direction of their organizations. How can executives ensure their strategic plans are in action and on track? How can they shift and pivot to changing market conditions along with the risks and impacts to the long-term vision and goals? How do you thread accountability from planning to execution to results?

    Join this session, where David Werner, Senior Principal Product Marketing Manager, CA Technologies, speaks with Rick Morris, published Author and Owner/President of R2 Consulting about ways to bring more accountability through your strategic plan.
  • A recent analyst study found that 88% of organizations are “doing Project and Portfolio Management (PPM).” This finding could lead many to believe all is well with this critical business process so essential to strategic success. This is hardly the case as studies also show PPM is still generally immature in enterprises today. The lack of maturity is largely due to the fact that most organizations are addressing only a subset of PPM capabilities. So though almost every organization can lay claim to doing PPM, few are actually doing PPM for all its worth. Many of these organizations will continue to miss out on the incredible possibility and promise of this essential business capability until they grasp and appreciate the full scope and potential of PPM.

    One of the greatest barriers to realizing the full potential of PPM is an enterprise-wide awareness of the span of PPM and the likely gap that must be overcome to achieve it. There is a plethora of great PPM insight contained in the numerous books, methodologies, and frameworks available today, but using this volume of information to get everyone on the same page is a daunting challenge. The key is to use a simple approach and model to quickly establish a common understanding of this critical business discipline and to easily foster the conversations and discussions to drive the endeavor to raise PPM proficiency.

    This brief webcast will present a PPM model that is easy to remember, easy to communicate, and proven to quickly illuminate the gap between existing immature PPM processes and the full scope and potential of comprehensive Project and Portfolio Management.
  • At its most basic level, communication is the transfer of information and ideas between two or more entities. In the context of organizational project and program management, communication is a core competency that, when properly executed, connects every member of a project team to a common set of strategies, goals and actions. Unless these components are effectively shared by project leads and understood by stakeholders, project outcomes are jeopardized and budgets incur unnecessary risk. Effective communications leads to more successful projects, allowing organizations to become high performers and risk 14 times fewer dollars than their low-performing counterparts.

    This webinar reveals the communications challenges that prevent organizations from accomplishing more successful projects, and identifies key initiatives enable organizations to improve their communication as they face their own unique challenges in an ever-changing complex and risky environment.

    This session is approved for 1 Professional Development Unit (PDU) credit.
  • A recent comprehensive survey commissioned by CA revealed some very clear trends in portfolio management and provided evidence of what distinguishes a strong portfolio performer from a weak one.

    In this engaging presentation report author, Andy Jordan will explore these indicators and provide recommendations for how your organization can become more adaptable, agile and responsive to portfolio changes.

    Learn how you can build improved effectiveness into your portfolio execution approach, and how communication can contribute to your success.

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • The C-level suite agrees that aligning business and technology objectives are an essential element in achieving what’s necessary to win, retain and serve their customers, however, are they putting their money where their mouths are? The data tells a different story. According to Forrester Research, while two thirds of CIOs and CMOs agree that the CMO is an active participant in strategic planning, the perception of CIO involvement varies significantly between the two roles. Moreover, half of surveyed PMO leaders feel they have all the tools in place to competently manage the portfolio pipeline. Companies are routinely adopting practices to deliver faster and better; it’s time for executives to do the same. Effectively managing a portfolio that enables business leaders to achieve their strategic objectives requires tooling that supports pragmatic practices in order to gather data at the right level and at the right time.

    This presentation examines portfolio management trends and best practices that high achieving organizations have applied to turbo charge their planning process.

    Forrester Research, Inc., The State Of Strategic Execution In 2015, January 27, 2015

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • At a time when digital transformation is driving significant change across all industry sectors, it is critical that organizations are able to align functional and cross-functional project activities to their strategic objectives. In the digital economy, the lines between technology, new product development, applications, service delivery and change management are increasingly blurred, and it's vital for the business to have an integrated view, not only to support strategic planning and investment prioritization, but also to effectively manage these initiatives through execution. The project portfolio management process must also evolve to handle both fast-moving digital initiatives and longer-term projects, with a shortened feedback loop that engages project teams and business stakeholders, and provides visibility at all levels. This session will address topics including:

    ·How to align projects to business goals in planning AND execution
    ·Why PPM is vital for a digital project portfolio
    ·How PPM can unify cross-functional initiatives
    ·When to consider changes to PPM processes
    ·Why project visibility is critical to successful business change

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • Connecting buyer & supplier: Das Zusammenspiel von Lieferanten und Einkäufern im B2B stellt von je her die Anforderung an noch mehr Geschwindigkeit aber auch an verlässliche und korrekte Informationen über Produkte und Dienstleistungen.

    In diesem Webinar erfahren Einkäufer und B2B Lieferanten alles über die neue Version von Informatica Procurement 8.0 und ...

    - Informatica Procurement im Überblick

    - Catalog Stream the B2B Commerce Machine: für bessere Integration und Datenqualität von Lieferanten durch die direkte Anbindung von PIM-Systemen.

    - Simple Order: Einfache Bestell- und Freigabeprozesse mit erweiterter ERP-Integration und E-Mail

    - Always Auto Content: Automatisches Katalog-Refresh für stets validen Content, perfekte Suchergebnisse bei neuen Katalogen – auch für Anwenderbasierte Sichten

    - Catalog Information Everywhere: Einfache Integration mit verbundenen Anwendungen auf Basis der Service API z.B. für mobile Apps.

    - Live-Demo & mehr…
  • The risks and opportunities which digital technologies, devices and media bring us are manifest. Cyber risk is never a matter purely for the IT team, although they clearly play a vital role. An organisation's risk management function need a thorough understanding of the constantly evolving risks as well as the practical tools and techniques available to address them
  • Channel
  • Channel profile
  • Securing the “Internet of Things” When Everything has an IP Address Mar 17 2015 5:00 pm UTC 45 mins
    Endpoints are primary targets for cyber criminals. Traditional endpoints such as laptops, tablets, and smartphones support agents and can be centrally managed, configured, and protected. The Internet of Things will drive 4 times the volume of unmanaged devices on a network increasing the attack surface and creating welcome mats for unwanted threats. These unmanaged IP-based devices will be difficult to identify, unable to support an agent, and look like black boxes to security professionals. Without knowing the device type and its business criticality, containing a compromised endpoint will be challenging and time consuming.

    Attend this webinar to learn how to:
    • Identify and classify every IP device on your network without an agent
    • Correlate high fidelity security alerts with device context
    • Minimize the time from threat detection to containment
    • Secure the Internet of Things
  • Anatomy of a Cyber Attack Mar 17 2015 4:00 pm UTC 45 mins
    Victims of targeted attacks, or advanced persistent threats (APTs), make the headlines. Attend this webinar to learn how APTs work and how to defend your business from them. Pat Hill, HP TippingPoint Product Manager, and Bob Corson, Director, Solutions Marketing, discuss the anatomy of an attack and why it's critical to detect and isolate the attack at "patient zero," the initial point of infection.

    Attend this webinar to learn:
    · How the bad guys evade your security
    · The counter measures you need to detect and block them
    · How HP TippingPoint and Trend Micro have partnered to neutralize patient zero
  • Stop SSL-Encrypted Attacks in their Tracks! Mar 17 2015 4:00 pm UTC 45 mins
    Join us on March 17th to learn how SafeNet Luna HSMs integrate with F5 Networks Firewall Platforms to protect the integrity of the SSL communications.
  • Reducing the Risk of Targeted Attacks with Intelligence Mar 17 2015 3:00 pm UTC 45 mins
    If your intuitive response to the risk of targeted attacks is to run and get some Advanced Threat

    Protection, do yourself a favour and take a step back. The reality is that, while the number of advanced

    attacks has been increasing, the vast majority of cases still use fairly simple techniques and exploit

    publically known vulnerabilities that can be solved by regular patching or other mitigation actions.

    In this webinar we will talk about how you should use vulnerability intelligence to reduce the attack

    surface for hackers and strengthen resilience before you think of implementing ATP solutions.

    Key takeaways:

    - An overview of a multi-layered security approach

    - How to leverage vulnerability intelligence to reduce risk
  • Five Steps to a Zero Trust Network - From Theory to Practice Mar 17 2015 3:00 pm UTC 60 mins
    A Zero Trust network abolishes the quaint idea of a “trusted” internal network demarcated by a corporate perimeter. Instead it advocates microperimeters of control and visibility around the enterprise’s most sensitive data assets and the ways in which the enterprise uses its data to achieve its business objectives.
    In this webinar, guest speaker John Kindervag, Vice President and Principal Analyst at Forrester Research, and Nimmy Reichenberg, VP of Strategy at AlgoSec will explain why a Zero Trust network should be the foundation of your security strategy, and present best practices to help companies achieve a Zero Trust state.

    The webinar will cover:
    • What is a Zero Trust network, and why it should be a core component of your threat detection and response strategy
    • Turning theory into practice: Five steps to achieve Zero Trust information security
    • How security policy management can help you define and enforce a Zero Trust network
  • Catch me if you can: The Hunt for Hidden Botnets Mar 17 2015 2:00 pm UTC 45 mins
    Botnet sophistication is increasing at an astonishing speed. Malicious actors continually use new resources and develop new methods for attacking organisations for a myriad of reasons but with a simple purpose; to look for vulnerabilities in the whole operating environment and compromise an organisation’s security.

    It is estimated that about 16% to 25% of Internet traffic in the world comes from communication between various types of malware. Without an adaptive security approach it becomes challenging for any organisation to process and analyse the sheer volume of data being generated, which is why a different approach is critical. It should involve identifying botnet activity using new methods, leveraged on automation and machine learning techniques, which are best suited to help tackle this challenge.

    Join João Gouveia, CTO of AnubisNetworks for a discussion focused on the most common botnet evasion techniques and how to fight them. This webinar will highlight Cyberfeed’s (AnubisNetworks threat intelligence solution) capabilities, to present a cutting edge approach on botnet activity identification, related traffic and risk level.

    In this webinar you will learn:

    •The main challenges and the current Malware landscape

    •Botnet invasion techniques

    •A holistic approach to detecting botnet activity, correlating different attack vectors and techniques
  • Addressing the Combined Human and Cyber Threat Mar 17 2015 11:00 am UTC 45 mins
    One of the most pressing concerns in today’s ever-changing threatscape is how to address the human factor; with an estimated 14% of all breaches are linked to an insider.

    New forms of attack combined with a lack of experience has left many organisations vulnerable and as more and more companies consume more and more sensitive data, there is an increasingly important requirement for today's Information Security Professional to understand the threats and the mitigation techniques available to them.

    Andrew Rice, Director of Cyber, Security and Influence will be drawing upon QinetiQ’s extensive experience within cyber security to highlight vulnerabilities in your cyber defence and your workforce. Key takeaways will include:

    ** How to train your staff to deal with insider threats

    ** Case study into APT 1 using real-world examples

    ** Methods to combat ATPs including the AIW approach

    ** How best to measure your ATP protection

    ** How to integrate physical and cyber security

    Andrew will also be on hand at the end of the session for 15 minutes of Q&A for you to ask your pressing ATP questions.
  • 'Reeling in the Year' – Looking Ahead to 2015 Mar 17 2015 10:00 am UTC 45 mins
    2014 is in the bag and what a year it was - for the hacker and cybercriminal community that is.

    2014 was full of high profile data breaches and significant new vulnerabilities, some of which affected the very core of the online world. This session will combine looking back at 2014’s key events and a good dose of Fortinet’s cyber crystal ball to come up with some predictions for what we can expect during the upcoming 12 months.
  • Data-centric Security Key to Digital Business Success Mar 11 2015 5:00 pm UTC 45 mins
    With the exponential growth of data generation and collection stemming from new business models fueled by Big Data, cloud computing and the Internet of Things, we are potentially creating a cybercriminal's paradise where there are more opportunities than ever for that data to end up in the wrong hands. The biggest challenge in this interconnected world is merging data security with data value and productivity. If we are to realize the benefits promised by these new ways of doing business, we urgently need a data-centric strategy to protect the sensitive data flowing through these digital business systems. In this webinar, Ulf Mattsson explores these issues and provides solutions to bring together data insight and security to safely unlock the power of digital business.
  • Securing Office 365 Mar 11 2015 5:00 pm UTC 45 mins
    As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality.

    In this webinar, Rich Campagna, VP Products at Bitglass, and Chris Hines, Product Marketing Manager, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.
  • Get Complete IT Compliance: Reduce Risk and Cost Mar 10 2015 3:00 pm UTC 60 mins
    Reacting to threats and remediating breaches can’t wait. Your compliance plan may be in place – but can you execute fast?

    Join BMC Software and Qualys to see how to get complete IT compliance and reduce the risk and cost in your organization. In this webinar, you will learn to:

    ·Easily detect security issues with new automated, online technology
    ·Quickly analyze operational dependencies and the potential impact of proposed fixes
    ·Enforce governance policies and change approval requirements
    ·Execute validated remediation actions rapidly
    ·Document actions and results in real time


    Plus, learn how to improve communications between security and operations to ensure a speedy resolution to compliance issues.
  • Avoiding the Headlines: 5 Critical Security Practices to Implement Now Mar 5 2015 6:00 pm UTC 45 mins
    2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • Top 7 File Sync & Share Features For Businesses Mar 5 2015 6:00 pm UTC 45 mins
    The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • The coming Cyber-Storm and The Internet of Things Mar 5 2015 5:00 pm UTC 45 mins
    The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1.It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • The One-Man SOC: Habits of Highly Effective Security Practitioners Mar 5 2015 5:00 pm UTC 60 mins
    Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Endpoint Security Just Got Simpler Mar 4 2015 6:00 pm UTC 60 mins
    From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • Maintaining Security in a Mobile World Mar 4 2015 6:00 pm UTC 45 mins
    The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • The Profitable MSSP Series –Sandbox-as-a-Service for MSSPs Recorded: Mar 3 2015 49 mins
    This webinar will outline methods of deploying Fortinet Sandbox solution as a hardware inclusive service and creating a compelling offering that will help build value in your portfolio and lead to high margin revenue. We will discuss the reasons for the renewed demand for Sandboxing, the deliverables of FortiSandbox, compare it to competitive solutions and discuss sizing, productizing and pricing models.
  • Security Rivals? The Value of Measuring & Comparing Network Security Performance Recorded: Feb 27 2015 50 mins
    Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Actionable Intelligence: A Threat Intelligence Buyer’s Guide Recorded: Feb 26 2015 48 mins
    Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Chase Away Cloud Challenges: User Access Governance & Compliance
  • Live at: May 23 2012 8:00 pm
  • Presented by: Alan Norquist, CEO & Founder, Veriphyr, Inc.
  • From:
Your email has been sent.
or close
You must be logged in to email this