Just-in-Time Authentication: Creating a New Balance of Security and Convenience
Enabling more sensitive online activities and transactions for a diverse user community (customers, partners, administrators) creates the need to have a high level of confidence that the person is who they say they are. At the same time the “Consumerization of IT” has raised user expectations for a smooth, intuitive online experience at anytime, from anywhere and from any device. This presents a real challenge because the historical relationship between authentication security and user convenience is inverse: as the strength of the authentication method goes up the user experience usually goes down.
With the emergence of new online threats, new device types and the increase in the amount of sensitive data available online, no one authentication method can meet all requirements to protect sensitive data and reduce fraud. There is a need for a flexible authentication system that can intelligently assess the risk of an activity and then require the appropriate authentication methods based on factors like the user, device, activity context and the activity itself. In this webcast, we will discuss the key requirements for a layered security approach that can enable a risk-appropriate and just-in-time authentication process which provides the security level required, while optimizing, or at least minimizing any negative impact on the customer experience.
RecordedAug 7 201253 mins
Your place is confirmed, we'll send you email reminders
Controlling the access of all users, especially privileged ones, is essential not only for risk reduction but also for easier compliance. But, controlling access isn't enough. Organizations need to govern all user access to ensure that no user has more access than they need, and that segregation of duties policies are enforced. On February 9, 2017, CA Technologies and (ISC)2 will highlight key aspects of effective identity governance, including for contractors and partners who might have access to your systems. Included in the discussion will be key capabilities and processes to help create leading-edge identity governance deployments that can improve the security of your critical data and simplify compliance audits.
Each year, security experts at CA Technologies offer predictions about some of the most compelling trends in the infosecurity space. Join CA Technologies and (ISC)2 on January 12, 2017 for a review of the research and data that contains compelling insights and information on trends on Security in the digital enterprise.
The rise of cloud adoption and a "bring your own app" trend in the workplace continues to grow, and IT and security leaders are hard pressed to keep up with the demands of a seamless user experience while protecting user identities across the cloud environment. On December 8, 2016 at 1:00PM Eastern, CA Technologies and (ISC)2 will examine how to leverage identity-as-a-service to secure access to cloud applications - including provisioning, onboarding and deployment, deliver a seamless user experience without compromising security and how to keep up with the pace of cloud adoption.
Identity is the new perimeter for Security in the digital enterprise. According to Forrester, 80% of security breaches involve the use or abuse of privileged credentials. At the same time, compliance mandates (such as PCI) require organizations to focus on how they manage and control privileged users in order to protect these critical resources. Privileged Access Management (PAM) provides a host of capabilities that enable organizations to address these critical challenges. Join CA Technologies and (ISC)2 on November 3, 2016 at 1:00PM Eastern for a webcast that will highlight emerging requirements in privileged access management, and present key capabilities that are important in a comprehensive PAM solution.
Steve McCullar, Sr. Director, Security Solutions at CA Technologies
Over 80% of security breaches involve privileged credentials, according to industry analysts, which makes protecting privileged user access absolutely critical.
To do that, you must build a zero-trust defense in depth system to protect privileged credentials.
Join Steve McCullar of CA Technologies in a live webcast to learn how:
•The military principle of defense in depth security can be applied to privileged access management.
•Make it more difficult for the “enemy” --implement a layered privileged access management defense system that combines a ‘zero-trust’ network-based and host-based security
Carol Alexander, Sr. Dir Security, CA Technologies; Rob Marti, Princ, Prod. Mgr, CA.; Brandon Dunlap
Making it easy for your customers to engage with you requires frictionless security. Begin by ensuring you have modern single sign-on and authentication to provide compelling, simple, yet non-intrusive environments for your customers. Join CA and (ISC)2 on October 6, 2016 at 1:00PM for Part 2 of our Briefings series where we'll examine how to employ analytics to streamline the path to your applications, address hybrid environments (both SaaS and on premise) and ensure AA and SSO are meeting continually emerging challenges of the digital enterprise.
Gedeon Hombrebueno, Director of Security Solutions (CA Technologies) and Piyush Pandey, Senior Manager Cyber Risk (Deloitte)
Business leaders believe compliance can keep them out of harm’s way. Yet the majority of organizations are not anywhere close to being safe from attacks. Why the disconnect?
Join Gedeon Hombrebueno (CA Technologies) and Piyush Pandey (Deloitte) as they discuss the importance of taking IT security measures beyond standards or regulations, and how to establish the necessary privileged access management controls to not only prevent data breaches, but also to satisfy audit and compliance demands.
You will learn:
• Why a “compliance based approach” to security is inadequate and flawed
• How to move from a compliance-based approach to risk-based approach
• How Privileged Access Management can help address compliance requirements, using PCI DSS compliance as an example
James Jenkins, Director, Payment Security Solutions, CA Technologies and Karen Webster, CEO, Market Platform Dynamics
It’s no secret that e-commerce is one of the biggest drivers of digital business transformation. This is due, primarily, to customers demanding the highest quality experience. No interruptions. No complex passwords. No incessant authentication requests … all without sacrificing security.
Enter Payment Security solutions from CA. These intelligent solutions not only let you build a secure e-commerce strategy centered on customer value, but also a broader digital business transformation plan focused on competitive advantage.
Want to learn more? Join James Jenkins, Director, Payment Security Solutions, CA Technologies and Karen Webster, CEO, Market Platform Dynamics as they discuss why banks and card issuers are at a pivotal juncture to embrace digital business transformation. Discover:
What technology, applications, and digital all have in common when it comes to the new e-commerce strategy.
•How business units can collectively drive enhanced digital services, combat fraud, and increase business performance.
•Why these evolutionary times are accelerating the Digital Business Transformation agenda
•What the experts are saying about digital strategies, focus areas, and best practices
Michelle Waugh, Security Business, CA Technologies; Brandon Dunlap
Your business is part of a new digital reality and the digital relationships you have with individuals are your greatest assets. They are also the new perimeter, where identities are the unifying control point across apps & data and users demand access and insight with an exceptional user experience. While all this drives your business, it also opens you up to attacks and breaches. Join CA Technologies and (ISC)2 on September 1, 2016 at 1:00PM Eastern for this first event of a six-part webcast series where you will learn how leaders can adapt to the new digital reality -- embrace new identity and access management strategies that allow you to innovate in ways you never imagined.
Carol Alexander, Sr Dir Product Marketing PaySec, CA; Hannah Preston, Solution Strategist PaySec, CA; Karen Webster, CEO MPD
Brace yourself, there's a storm coming. Soon you will see more and more global regulatory changes that could impact your payment security strategy. In fact, you may not even be aware that some changes are already underway.
Find out how to leverage innovative, already-available payment technologies during this evolution in the payment industry.
Join our distinguished panelists as they discuss regulatory disruption. Learn the steps you should be taking - right now - to help implement best practices in your fraud prevention strategies:
•Are you future-proofing your e-Commerce operations?
•Is your data at the center of your security strategy?
•Are you tracking the predictions for next 18 months?
Your identity and governance practices are well established, but they might not be as comprehensive as they need to be. Going beyond the basics is critical to greatly reduce security risk and improve efficiencies.
Join CA Technologies security expert, John Hawley, to examine how to broaden the scope of governance to include privileged users, contractors, and business partners, as well as controlling access to physical assets. You’ll also learn the important role of identity performance analytics in a governance deployment.
Cybercrime costs the global economy $445 Billion a year, more than the worldwide illicit drug trade, and even the GDP of many countries. And, targeted breaches are increasingly a tool of nation-states seeking intellectual property, dossiers on influential individuals, and devastating disruptions of business operations.
But for all their variety, each of these attacks share a common thread — a kill chain that exploits privileged users and their credentials to gain access to sensitive systems. Privileged access management is the most direct means of disrupting the kill chain and stopping attackers before they ever get started.
Join CA Technologies Dale Gardner and ISACA in an informative discussion on how to break the kill chain.
You will learn:
• How risks from system breaches — and the potential for long-lasting damages — are increasing
• How attackers exploit privileged users and their credentials in an ongoing string of data breaches and security incidents
• How to master the processes and tools needed to easily disrupt the kill chain, stopping attackers in their tracks and preventing breaches.
Rob Marti - CA Security and Jeremy Britton - Deloitte, Managing Director of Cyber Risk Services
Digital is everywhere—big data, cloud, mobile, social, the Internet of Things – and its changing the way we all work and play. Today, retailers are facing three major challenges: digital transformation initiatives, abandoned online shopping carts, and online identity fraud and data breaches. The common thread for success is to ensure that security becomes synonymous with a frictionless user experience.
Join security experts from CA Technologies and Deloitte in a discussion on how leading retailers are addressing these challenges and how a comprehensive Omnichannel Access solution can enable you to engage your customers in a secure and frictionless fashion across multiple devices and channels.
Jonathan D. Hancock, TSYS; James Jenkins, CA; Paul Dulany, CA; Steve Casco, CardNotPresent
3D Secure is “primed for ignition” … especially in the U.S., where the migration to EMV chip cards has resulted in an upward trend of card-not-present (CNP) fraud. In fact, it is estimated that in the U.S. alone, CNP fraud will reach approximately $7 billion by the year 2020.
What many card issuers may not know is that 3D Secure is an ideal solution to combat this specific type of fraud. What’s more, card issuers can leverage the enhanced data set available with 3D Secure to support a broader fraud strategy across CNP, brick and mortar, and even omni-channel segments.
Want to learn more? Join us to explore:
• How 3D Secure has evolved since its introduction and common misconceptions about this protocol
• Where to properly utilize various types of data available within 3D Secure and how it can enhance an overall fraud strategy
• What industry experts say about the impact of 3D Secure data and existing partnerships to support U.S. issuers
•Jonathan D. Hancock, Fraud & Risk Management Solutions Director, TSYS
•James Jenkins, NA Sales Director, CA Technologies
•Paul Dulany, Data Science VP, CA Technologies
•Steve Casco, Founder, CardNotPresent.com
In up to two-thirds of security breaches, stolen or compromised user credentials belonging to a privileged user with wide-ranging access to sensitive systems, served as the initial attack vector. In this way, attackers can steal sensitive data and wreak havoc. While you must provide access to third parties, you must also manage such high-impact security risks. Join us to learn the top five best practices for regaining control of third-party access, and the processes and technology necessary to stop unauthorized access and damaging breaches.
In this webcast, you’ll learn:
- The identity, access, and security governance processes needed to protect your network
- How to ensure positive user identification to prevent credential theft and misuse
- Techniques to limit access to only those resources required to satisfy work or business requirements
- Preventing the unauthorized commands — and inadvertent mistakes — threatening your network
- Establishing monitoring procedures that flag violations and speed forensic investigations
Dale R. Gardner, CA Technologies PAM, and Jeremiah Cornelius, Senior Security Architect, VMware
Virtualized network systems are inherently more secure than physical networks, since what is deployed can be known with absolute certainty – and therefore can be precisely identified and secured. And because the network is defined in software, connections can be securely defined only as a consequence of policy – rather than trying to add policy to physical network links after they’ve been deployed. Security is built in, rather than bolted on after the fact.
Network virtualization platforms for the Software-Defined Data Center (SDDC) bring the operational model of a virtual machine to your data center network, transforming the economics of network and security operations. This allows you treat your physical network as a pool of transport capacity, with network and security services attached to VMs with a policy-driven approach. Adding specialized protections to monitor and control the activities of privileged users, and to protect and secure the credentials they use are critical to achieving comprehensive security.
Join us for this informative webcast to learn the key components required for protecting the Software-Defined Data Center.
Derek Brink, VP and IT Research Fellow at Aberdeen Group & Sumner Blount, Director, Security Solutions at CA Technologies
The world of security has changed. Security must now be extended to a larger, and more diverse user population. These extended users (partners and consumers in addition to employees) demand a simple, frictionless, and business-oriented user experience, but without sacrificing the confidence that their private information is secure. Aberdeen has shown that organizations that can meet the needs of this increasingly diverse user population can gain significant benefits – up to 60% gain in user productivity and an 80% increase in user satisfaction!
Join Aberdeen Group and CA Technologies for an informative webcast to learn how these results were achieved and how you can leverage these principles in your own environment. We will also explore a major bank’s experience and how they are leveraging identity management and governance capabilities to help transform their business - securely!
John Hawley, VP, Security Strategy, CA Technologies; Brandon Dunlap, Brightfly
The Identity Management market continues to be heavily influenced by several important trends – cloud, mobile, the rise of the user, and increased app velocity, among others. These trends have dramatically shaped the identity landscape, and changed the security strategy and tactics that many companies have adopted. How will these trends continue to impact the identity landscape, and what should organizations do to prepare for it? Join CA Technologies and (ISC)2 on February 4, 2016 at 1:00PM Eastern as we look at the next phase of identity management, and how these and other emerging trends will continue to shape the role of Security. We will also offer best practice guidelines for dealing with these continuing changes.
Derek Brink, VP and IT Research Fellow at Aberdeen Group & Sumner Blount, Director, Security Solutions at CA Technologies
Identity and access management (IAM) initiatives with a focus on users can enable your business, while still supporting their traditional role in the important areas of security, compliance, and reliability.
In the research report "IAM for Everyone: How A Broader Strategic Focus on Users Pays Off," Aberdeen Group’s Derek Brink describes four high-level attributes that can help you quickly assess whether your organization’s IAM initiatives are on a path to achieve similar results:
- IAM is viewed not only as the technical means for control, compliance, and cost efficiencies, but also as an essential strategic business enabler
- Both rewarded risks (eg. enablement) and unrewarded risks (eg, protection) are among the top drivers of your IAM investment
- There is a strong focus on a convenient, streamlined, and personalized user experience
- The performance of your IAM investments are being measured and are helping to produce the desired business value
Join CA Technologies and Aberdeen Group for this highly informative on-demand webinar on IAM as a strategic enabler.
Nick Craig, VP of Payment Security, CA Technologies
Shopping cart abandonment is on the rise – often fueled by complicated checkout processes or card security prompts. In fact, the estimated value of online shopping carts left behind in 2015 was a staggering $3.38 trillion.*
Join this Card Not Present event with Nick Craig, VP of Payment Security, CA Technologies, to learn the methodology that card issuers can implement to streamline the checkout process and win back some of that lost revenue by providing a better, and more secure shopping experience.
Educational webcasts for the IT Security Professional
The CA Technologies Security Management solutions help CSOs and security professionals move the business forward by facilitating growth, innovation and collaboration, and driving IT operational excellence, all while managing risk and compliance. CA Technologies will show you how businesses can gain the control they need over physical, virtual, and cloud IT environments—so they can protect the business and the information on which it relies.
The competitive landscape of cloud computing in China and India looks very different today than it did a few years ago. Aside from gaining wholehearted support from local governments, positive investment climate has a role to play to ignite market interest and vendor support. While early cloud leaders like Amazon and Salesforce have helped define the evolving marketplace and invited further competition, local players, which used to be hampered by process oversights, are now turning to cloud-based business models and service delivery to reinvent themselves and stay agile as technology innovation collides with reality. How does the cloud market shape up in China and India so far? What types of cloud services will be important in near future? What does it mean for you going forward?
Today, Communications service providers face real challenges in terms of their ability to innovate and deliver new services with greater speed and agility and at lower costs. Software-Defined WAN (SD-WAN) is fast becoming a disruptive intersection of cloud, telco and enterprise. SD-WAN offers an alternative to delivering managed services with centralized configuration, management, and optimization of Enterprise applications across the WAN. According to IDC, SD-WAN is projected to be a $6B market by 2020, with an estimated compound annual growth rate of 100 percent.
In this webinar, viewers will learn about the technologies that enable SD-WAN and the value proposition for enterprises and communications service providers. They’ll also hear about specific deployment options where SD-WAN delivers benefits over traditional methods.
58% experienced issues when failing over IT systems! - The State of IT Disaster Recovery in the UK – 2016 Survey
Find out if you’re ahead or behind on IT Disaster Recovery. In a survey commissioned by iland and conducted by Opinion Matters, 250 IT decision makers in the UK were asked about their DR experiences, challenges and strategies. And, we’re sharing the results!
Learn from your peers:
- The frequency of DR testing – how much is enough?
- The impact of IT outages – how disruptive would it be to your business?
- The trade-offs IT leaders make between downtime, cost and security – what trade-offs make sense for you?
Join iland and Zerto as we dig into the survey findings which will be a useful benchmark for your own DR strategies. Don’t miss it.
Join us as we discuss how Trend Micro and VMware have partnered to deliver an optimized hybrid cloud security solution architected for VMware virtualized data centers, virtual desktops, and multi-cloud deployments that include AWS and Microsoft Azure.
In this webinar you will learn how to….
-Optimize data center resources with virtualization-aware security
-Deliver automated security across environments
-Manage and deploy security efficiently
-Achieve cost effective compliance
On September 27th, Datera invites you to join an exclusive event where you will hear from leading industry visionaries and experts who will offer executive-level insights into cloud technologies, processes, and solutions needed to keep pace with the speed of business.
Key experts from Comcast, Google and Mesosphere will be discussing the storage for clouds landscape and how it is changing fast and open source solutions, like Ceph, are just not delivering on the promise.
This is the storage breakthrough EMC, NetApp and HP don’t want you to know about. Don't make your next storage infrastructure investment on a legacy solution. Find out how an intent defined, infrastructure aware, API-first Dev/Ops, cloudy approach to storage streamlines application infrastructure operations and dramatically improves storage economics for private cloud operators.
VMware, NetApp and even EMC are proponents of using NFS based storage systems to support mission critical workloads like virtual machines, databases and performance sensitive unstructured data. But in comparison to mission critical fibre channel, the tools to monitor and optimize your NFS infrastructure are lacking. In this webinar Storage Switzerland and Virtual Instruments will discuss the five challenges facing IT professionals that depend on NFS-based storage infrastructure for performance-intensive workloads. You will learn how to detect and overcome:
Join this webcast to learn how to seamlessly deploy and orchestrate virtual network functions and services for the branch as both cloud-based and on-premises solutions. You’ll discover how easy it is to operationalize new service offerings and create a path to cost savings, rapid service monetization, and competitive differentiation.
RIFT.io and Brocade have collaborated to integrate the Brocade Vyatta Network Operating System, deployed as a Virtual Network Function (VNF) Platform, with RIFT.ware’s network service orchestration capabilities (NFV-O). This combination creates an on-premises branch services solution (vCPE) and cloud-based service.
The webcast will discuss best practices and feature a demo that will show:
• How Brocade and RIFT.ware jointly deliver a robust and scalable solution for operators to deploy virtualized network services for vCPE in the cloud and customer premises.
• How RIFT.ware and Brocade work together to deploy Vyatta Network OS as a VNF and VNF platform.
• Details on why an open architecture approach to interfaces is critical to ensure interoperability and rapid operationalization of services.
If you’re still spending days to provision infrastructure services, or weeks to deploy applications, it’s time to turn automation on. Join us and learn how you can automate the delivery and management of shared services, infrastructure, and applications.
What you will learn by attending this webcast:
- Tips on managing the dynamic hybrid cloud and providing on-demand infrastructure services
- How the California Department of General Services automated the delivery of virtualized compute, storage, and networking
- Why hybrid cloud capabilities are key to building a unified environment
Ransomware and business email compromise (BEC) scams have dominated the security threat landscape for the first half of 2016, truly making it the Year of Online Extortion. This webinar is designed to discuss these and other prominent threat trends we are currently seeing, as well as to give organizations possible security strategies and solutions that they can use to better defend their assets and data.
In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.