Hi [[ session.user.profile.firstName ]]

Developing and implementing risk-based access policies to match IAM strategies

The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.

In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:

-Analyzing personas within your organizations security team to improve IAM solution implementations
-Things to consider when building your access management strategy
-Building risk-based access management policies across multiple applications or cloud environments
Recorded Mar 28 2018 55 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Amanda Rogerson, Product Expert at Gemalto
Presentation preview: Developing and implementing risk-based access policies to match IAM strategies
  • Channel
  • Channel profile
  • Understanding the Latest Strategies and Trends in Encryption Key Management Recorded: Nov 29 2018 51 mins
    Steve Kingston, Senior Manager at Gemalto
    Security and risk management professionals face ever-increasing needs to encrypt various types of sensitive data stored on-premises, in private and public clouds and in hybrid environments in order to protect their organizations in the event of a data breach. Compliance mandates, internal security audits, data residency issues and threats of hackers are driving the requirements for enterprises to develop a centralized enterprise-wide encryption strategy to prioritize sensitive data protection. In addition, regulations, such as the EU General Data Protection Regulation (GDPR), have dramatically increased pressure on security professional leaders to review and revamp their approach to encryption key management.

    To meet these needs, security professionals are using a growing number of encryption tools to protect data within a variety of data storage environments. These may be located within local and external IT environments and systems, such as file stores, databases, big data platforms or various clouds. However, encrypting data in each of these environment results in the creation of islands of encryption and diverse key management platforms which increases complexity, costs and risk of data loss.

    In this webinar, you will:
    • Gain insight into trends that are driving the digital cloud transformation and how key management plays a role
    • Understand the importance of developing a centralized approach to encryption key management
    • Examine where and when you should encrypt your organization’s data and typical key management use cases
    • Learn how to implement an enterprise-wide key management operational model that can reduce cost of ownership and minimize overall risks
  • PCI Compliance: Why Risk Losing Customers When Payment Card Data Is Stolen? Recorded: Nov 28 2018 60 mins
    Graeme Pyper, Regional Director A/NZ at Gemalto and Vaqar Khan, Senior Security Consultant, UL Identity Management & Security
    Amazon, eBay, Alibaba, Black Friday, Cyber Monday amongst others are all fuelled by online credit card payments. Even traditional bricks and mortar businesses accept card payments through point-of-sale devices, online or via applications on mobile devices. This trend is only going to grow as the world move towards a cashless society.

    With the same motivation as criminals stealing cash, in the digital age cyber criminals are now stealing personal financial information from payment card transactions and payment processing systems.

    The PCI Security Standards Council (PCI SSC) offers a set of standards and supporting materials to enhance credit card security. For retailers, financial institutions, payment processors, and a range of other organizations that store, process and/or transmit credit card data, and the service providers that enable their businesses, compliance with the relevant the PCI standards (e.g. PCI PTS, PCI DSS, PCI PIN, PCI P2PE, PCI 3DS) is critical to ensure the safe handling of credit card information at every step.

    This webinar will discuss and provide helpful and practical information on:

    •The overview of PCI standards and how they apply to businesses
    •Encryption and key management requirements in PCI and how to comply with focus on PCI DSS, PCI PIN, PCI P2PE and PCI 3DS
    •How to secure sensitive cardholder data & meet the critical challenges of complying with PCI standards
  • Turning PKI Smart Cards into Cloud SSO Gold Recorded: Nov 8 2018 52 mins
    Garrett Bekker, Senior Security Analyst at 451 Research and Stephane Vinsot, Senior Director, IAM Product Strategy at Gemalto
    Up until now, PKI hardware’s limitations meant companies could not adopt cloud and mobility projects without having to completely ‘rip and replace’ their current security framework. As a result, companies have been using smart cards and tokens to allow their employees to authenticate themselves while accessing corporate resources, but this was limited to activity within the enterprise perimeter. In addition, companies that use PKI credentials for email encryption and digital signing have also been limited to on-premises environments.

    In this webinar, you will learn about how organizations can deploy SafeNet Trusted Access and benefit from single sign on (SSO) and high assurance PKI-based authentication, making it easier and more secure to access cloud and web-based apps and resources from wherever and on any device. Using the solution, employees will no longer have to re-authenticate each time they access a resource with their smart card, enabling more efficiency across the company – while allowing enterprises to maintain high assurance security when needed.

    In this webinar you will also learn how to build on current PKI investments, and embrace digital transformation without compromising on security, including:
    •Enabling cloud transformation: Organizations can extend PKI credentials to access policies, allowing CISOs to maintain security in the cloud by triggering the use of step up PKI-based authentication to cloud and web-based apps when needed
    •Facilitating mobility: Employees can access enterprise applications within virtual environments with their PKI credentials. This means that employees and consultants will be able to access corporate apps via a VDI, from any device and carry out certificate-based transactions, even if they can’t use their smart cards
  • Cloud Transformation: Security in the Age of Digital Disruption Recorded: Oct 16 2018 54 mins
    Gary Marsden, Senior Director of Data Protection Services at Gemalto
    While the technological and commercial advances of the cloud have created significant opportunities for enterprises, service providers and IT vendors alike, this cloud-driven transformation has also undone conventional approaches to data security and created compliance challenges when it comes to data control and ownership.

    These changes have unwittingly drawn us into a realm of increasing threat vectors, poor security practices and bad actors. From reducing cost of ownership to empowering IT decision making across the value chain, it is safe to say that the cloud means that life will never be the same for anyone.

    During this webinar we will:
    - Look at the challenges facing today's IT and security teams;
    - See how this wave of disruption can be overcome using ever advancing automation, processing and intelligence technologies that can be used to build and deliver security an increasingly diverse IT landscape; and
    - Look at how security will need to evolve in the wake of digital transformation.
  • Fintech, Compliance & Data Protection – Steps to Secure the Breach Recorded: Aug 14 2018 43 mins
    Ferry de Koning, Director Business Development, Gemalto and Gary Marsden, Senior Director, Encryption Products
    Fintech startup companies are disrupting the financial services industry, raising more than $120 billion over the last three years. Although these new entrants are changing how money and markets operate, they must still do business within the realities of regulations like GDPR and Australia's Notifiable Data Breaches scheme that the rest of the financial industry must operate. This means that data security and trust are just as important to Fintech companies as it is to traditional banks.

    Fintech companies are unique because of their agility, lean operations and that most are built using the cloud and digital technologies that banks are just now adopting. While this makes Fintech companies more nimble and they can enter new markets faster, it also presents more complexities for how Fintech companies need to manage security and meet compliance mandates.

    In this webinar you will learn about:

    •Fintech compliance and regulation from a data protection perspective.
    •How to build a secure the breach strategy using a case study from the physical world
    •Understand key elements for building cloud-based data security strategy that fits the needs of Fintech companies
  • Implementing Virtualized Network Encryption to Secure SD-WANs Recorded: Jun 21 2018 60 mins
    Stan Mesceda, Senior Product Manager at Gemalto and Julian Fay, CTO at Senetas
    Today enterprises and service providers are increasingly using network functions virtualization (NFV) and software-defined networking (SDN) technologies to design, deploy and manage their networks and cloud-based services. These software-based technologies give organizations cost and operational benefits because they move network functions from dedicated hardware appliances to virtual servers. These same technologies can be now be applied to how encryption is deployed and managed to protect sensitive data and communications the flow across SD-WANs.

    In this webinar you will learn about:
    •What is the best network fit for virtualized encryption
    •How to implement a virtual network encryption appliance in software-defined network
    •What are the cost, operational and performance benefits of virtual encryption
    •What it means to be transport layer independent and how you can protect network traffic simultaneously across Layers 2, 3 and 4
  • 451 Research and Gemalto present "MSPs - Maximizing ROI with Security" Recorded: May 15 2018 60 mins
    Gary Marsden, Senior Director of Data Protection Solutions at Gemalto and William Fellows, Research VP 451 Research
    Digital transformation is a critical part of an enterprise business strategy. However, for many organizations, having more digital assets introduces major headaches due to the complexity of technologies, the lack of available and affordable skills and the ever-changing security threat landscape. The ability to use cloud based solutions to service digital strategies is helping reduce costs but is also increasing risks, isolating data and reducing controls.

    Many MSPs have recognized this as an opportunity and are building business plans and service strategies to help their customers. Being the one-stop shop for applications, cloud services and related security aspects is a path that is actively being trodden by MSP’s, MSSP’s and traditional resellers alike. According to 451 Research, it is about a “sell with” approach by addressing business requirements with security “built-in”. In this joint webinar, our guest William Fellows, 451 Research analyst will provide new research results this related data points and discuss how the cloud is creating opportunities as well as challenges. The interactive Q&A style webinar will cover:

    • A current view of the cloud’s impact on digital transformation
    • Opportunities for MSPs to expand service portfolios and generate new revenue streams
    • What a true “sell with” partnership looks like
    • Technology enabling this new sales and marketing strategy for MSPs

    Presenters:
    William Fellows is a co-founder of The 451 Group. As VP of Research, he is responsible for the Cloud Transformation Channel at 451 Research.

    Gary Marsden: Senior Director of Partnerships at Gemalto
  • New Data Breach Findings: The Year of Internal Threats & Misplaced Data Recorded: May 14 2018 52 mins
    Jason Hart, CTO of Data Protection at Gemalto
    2018 has started off as an eventful year with data breaches at Saks Fifth Avenue, Lord & Taylor and Under Armour’s MyFitnessPal app. And it will continue to be a catalyst year for data security with the 25th of May deadline for the European Unions’ General Data Protection Regulation, which regards “privacy as a fundamental human right and to protect it as such.” Data exposed or breached is not only a headache for security teams, but also impacts brand reputation, customer confidence and stock prices.

    Gemalto’s 2017 Breach Level Index found 2.6 billion records where compromised in 2017, a 88% increase from 2016. In this webinar our expert, Jason Hart, will walk attendees through the most shocking 2017 stats, new data breach tactics and how companies can manage risk by mapping out where your data resides. Join us to learn more about:
    -Internal threats and misconfigured cloud databases
    -Growing security threats like data integrity attacks
    -Innovative technology that is solving some of these issues
    -What we have in store for 2018
  • Seal, Lock & Protect: How not to leave your networks and cloud vulnerable Recorded: May 7 2018 54 mins
    John Ray, Product Management and Danna Bethlehem, Product Marketing Gemalto and Josh Chambers, Product Management at F5
    Securing and monitoring your network and cloud environments has changed over the past few years and compliance and government regulations will add to it. Network traffic monitoring tools have been presented as a solution to meeting compliance and performance on a network. But monitoring alone is not enough. In terms of security, companies need to holistically secure their network, cloud and data, no matter where their users are accessing from.
    This joint webinar between F5 and Gemalto will help attendees prepare for the next-generation of secure network access as more data resides in more places with more people accessing it. It will also walk them through the integration between F5 and Gemalto and what options this partnership offers.

    In this webinar, you will earn how to:
    •Reduce the risk of breaches by ensuring that only authorized users are accessing network, using the F5 environment as an example
    •Protect & encrypt your customer data
    •Manage secure cloud access
    •Comply with regulations
  • The future of smart connected (or IoT) devices, but what about security? Recorded: Apr 11 2018 61 mins
    Paul Lockley, VP of Partnerships at Device Authority and Gorav Arora, CTO Office Director of Products
    One of the biggest obstacles to IoT adoption is security. Our recent survey found 65% of consumers are concerned about hackers controlling IoT devices and 60% worry about their data being stolen. Recent widespread attacks using IoT device vulnerabilities has also highlighted how interconnected the system is and one weak link creates a ripple effect Securing the identities of both humans and machines, access to the devices and protecting the integrity of the data and device opens the door to more opportunities. For example, the ability to manage blockchain identities and data security policies across any IoT deployment.

    In our joint webinar with Device Authority, our experts will outline how security by design methodology helps future proof IoT deployments. They will have an open conversation and a question and answer session on topics that customers are dealing with, related news topics, compliance and government regulations, business opportunities and technologies that are changing the game. Join us to hear more about how using the security by design approach can help:

    •Identify and manage risks and challenges in the short and long term
    •Prepare for legislation and compliance
    •Create new opportunities for a secure blockchain-based IoT
    •Leverage new technology like machine learning and analytics
  • Developing and implementing risk-based access policies to match IAM strategies Recorded: Mar 28 2018 55 mins
    Amanda Rogerson, Product Expert at Gemalto
    The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.

    In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:

    -Analyzing personas within your organizations security team to improve IAM solution implementations
    -Things to consider when building your access management strategy
    -Building risk-based access management policies across multiple applications or cloud environments
  • Trends in IAM: The Consumerization of Enterprise Security Recorded: Mar 7 2018 34 mins
    Danna Bethlehem, Director of Product Marketing
    With a growing number of cloud apps in use, more employees working remotely increasing the need for stronger authentication. This is driving IT decision makers to find ways to ‘consumerize’ the login process. To get a better understanding of access management challenges and views on the industry Gemalto surveyed 1,000 IT decision makers to compile the 2018 Identity and Access Management Index. During this webinar, we will share some of the fascinating key findings that will shape cybersecurity and the way enterprise IT professionals evaluate and implement access management technology. Join us to learn more about:

    •2018 key findings and trends
    •How consumerization of IAM can be achieve in the enterprise security space
    •How organizations can maintain security while lowering barriers to authentication
    •Evolution of IAM Trends: A look at the historical numbers compared to the new findings
  • Ponemon Research 2017 Trends in Cloud Security: Cloud & Compliance Compatible? Recorded: Feb 27 2018 60 mins
    Larry Ponemon, Chairman and Founder of the Ponemon Institute and Jason Hart, CTO office for data protection
    95% of companies have adopted cloud services but the 2018 Global Cloud Data Security Survey found there is a wide gap in the level of security precautions applied by companies in different markets. Organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. This is disturbing since only a quarter (25%) of IT and IT security practitioners revealed they are very confident they know all the cloud services their business is using,

    The reality is cloud creates challenges in knowing where your data resides and what or who has access to it. In 2018, breaches like Uber and Accenture occurred because of improperly configured security for web and cloud applications that were connected to a company’s network. A major catalyst to address this is upcoming regulations and compliance, which are trying to catch up with cloud adoption. Over the next few years, companies will be faced with more complicated and intricate auditing to demonstrate security and privacy best efforts in the cloud.

    During this webinar, Larry Ponemon, Chairman and Founder of the Ponemon Institute, and Jason Hart, CTO of Data Protection, will walk attendees through the research methodology, key findings and how things have changed over the past couple of years. Join us to learn more about:
    -2018 Global Cloud Data Security Findings
    -Compliance and cloud security: How will this work?
    -A shift in the budget: Where is IT spending their money?
    -Country breakdown of IT cloud security: Who is doing the best?
    -What can you do to secure the cloud and comply with regulations?
  • Before you choose Microsoft – 5 Things to Check in an Access Management solution Recorded: Feb 26 2018 59 mins
    Mor Ahuvia, Authentication Product Marketing at Gemalto
    Organizations with Microsoft environments, such as Azure or Office 365, are inclined to implement Microsoft’s native access management solutions (namely, Azure AD and AD FS). Defaulting to Microsoft’s cloud SSO solutions may appear to be the best choice, a closer examination of these solutions reveals critical downsides, as well.

    Join this webinar to learn the five things to consider before implementing Microsoft’s access management solutions. You will also see a demo of how you can centrally define access management policies (including cloud SSO and step-up authentication) for Microsoft and 3rd party apps with a vendor agnostic-solution.
  • How to Prepare for GDPR: A Gemalto Case Study Recorded: Dec 18 2017 60 mins
    Jean-Pierre Mistral, Director of Global Data Privacy and Alex Hanway, Encryption Product Marketing
    Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.

    This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.

    Join us to hear more about:
    •What is GDPR?
    •Case Study: A look at how Gemalto has prepared for GDPR
    •The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
  • How Cryptocurrencies are Changing the Face of Financial Services Recorded: Dec 15 2017 61 mins
    Eric Larchevêque, CEO at Ledger and Joe Pindar, CTO Office Director of Strategy
    Joint webinar with Ledger and Gemalto discussing how cyrptocurrencies have the potential to revolutionize the financial industry and what needs to be done to secure the digital assets.
  • SafeNet Authentication Service Live Product Demo Recorded: Nov 24 2017 26 mins
    Ms. Mukta Gupta - Technical Consultant Engineer, Identity & Data Protection, India & SAARC, Gemalto
    SafeNet Authentication Service (SAS) delivers fully-automated, highly secure strong authentication-as-a service. A new product demo webinar is now available.

    Register now for our 30 minute demo and see how easy and simple it is to:
    - Set up a strong authentication account on SAS
    - Add users to an account
    - Assign tokens to users
    - Generate reports

    Please email us at InfoAPAC@gemalto.com if you have any questions or problems registering.
  • Are you Ready for Australia's Privacy Act? A Gemalto Case Study Recorded: Nov 22 2017 61 mins
    Jean -Pierre Mistral, Legal Counsel for Data Privacy and Graeme Pyper, Regional Director of Enterprise and Cybersecurity
    Join us for part two of our webinar series focused on helping companies prepare for the upcoming Australian Privacy Act and global government regulations, like European General Data Protection Regulation (GDPR).
    Data sovereignty, especially for cloud first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.

    This follow up webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our legal counsel for global data privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Graeme Pyper, Regional Director for New Zealand and Australia, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.

    Join us to hear more about:
    •The Mandatory Data Breaches scheme
    •Case Study: A look at how Gemalto is preparing for Australia’s NDB & GDPR
    •The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
  • What is New with PCI-DSS Compliance in 2018? Recorded: Nov 7 2017 46 mins
    Danna Bethlehem, Director Product Marketing, Gemalto
    The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
    This webinar will discuss and provide helpful information on the upcoming mandate including:
    •Overview of PCI DSS 3.2
    •What is new in PCI DSS 3.2 and what that means for your business
    •Comprehensive solutions that will help you ensure compliance
    •Mapping solutions to the needs of your department
    Please visit our BrightTalk channel to register for the webinar.
  • 451 Research & Gemalto Present "Alphabet Soup: Deciphering Multi-Cloud Security Recorded: Oct 19 2017 57 mins
    Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto
    The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.

    In this joint webinar with 451 Research, we will cover topics including:

    -Building a multi-cloud security strategy for encryption and key management
    -Best practices, benefits and pitfalls of managing your own security
    -Impact of regulations on data protection in the next few years
    -Understanding the different CSP requirements for key management:
    oCustomer-Supplied Encryption Key (CSEK)
    oBring Your Own Key (BYOK)
    oHold Your own Key (HYOK)
    oGeneral cloud service provider key management services overview
Security for What Matters Most: Data
As the global leader in digital security, Gemalto brings trust to an increasingly connected world. From secure software to biometrics and encryption, our technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.

Gemalto’s solutions are at the heart of modern life, from digital payments and transactions to enterprise security and the Internet of things. We authenticate people, transactions and objects, encrypt data and create value for software – enabling our clients to deliver secure digital services for billions of individuals and things.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Developing and implementing risk-based access policies to match IAM strategies
  • Live at: Mar 28 2018 3:00 pm
  • Presented by: Amanda Rogerson, Product Expert at Gemalto
  • From:
Your email has been sent.
or close