July 31, 2010

Making Lots of Lemonade in 2009 – Part I

By David E. Stern, CISSP

By all accounts, the financial situation for 2009 is not going to be pretty. Organizations are cutting budgets across the board and IT Security certainly isn’t immune. While I certainly would never turn away increases in staffing or capital budget for new equipment, I do see some great opportunity for [...]

Duck and Cover: the Myth of SSL Security

By David E. Stern, CISSP

For those born in the last 30 years, it is impossible to relate to the fear of nuclear holocaust that was so pervasive in the darkest hours of the cold war. The government embarked on an educational campaign to teach people to duck under a desk and cover their eyes [...]

All I Need to Know About Security Programs I Learned from the Pawn

By David Stern

We often focus our discussions on the pervasive inadequacies of information security programs in business, government, and education. Detracting factors include ignorance, lack of budget, and misplaced priorities of management. In this article, I would like to observe the other end of the spectrum. Information security has become ubiquitous enough that many [...]

Introduction to Identity Management – Part III

By David Stern

Meta Directories and Federation

Mergers and acquisitions tend to grow IT organizations horizontally. Companies such as Johnson and Johnson or Procter and Gamble may have dozens of divisions that developed as the result of such activity. The challenge of integrating processes and personnel is big enough without trying to force a common [...]

Introduction to Identity Management – Part II

By David Stern

Before we delve any deeper into IDM, we should take a moment to acknowledge three “interim solutions” to the IDM problem that have supported IT for many years. Each of these solutions was designed to support centralized credentials for a specific class of system.

NIS – Network Information System or “Yellow Pages” [...]

Introduction to Identity Management – Part I

By David Stern, CISSP

Introduction

Depending on where you sit, Identity Management (IDM) is irrelevant, a holy grail, or a complete boondoggle. Having experienced all three situations at one time or another, and more recently seeing it actually work, it’s time to demystify the subject matter. In this article, we will cover the conceptual framework of [...]

Security Friday Five Minute Fast Fact: Bad Batch of Blackberrys

By David Stern

Since the late 90s, Blackberry technology from RIM has opened new avenues of employee connectivity and efficiency. Leaps in both hardware and software have allowed the Blackberry to evolve from a simple email platform to a true mobile computing device. In the Enterprise model, the devices connect back to a server, known [...]

The Silver Lining of Enron

By David Stern

With the holiday season fading into the horizon, a new, more powerful theme has become pervasive in my daily activities. The auditors are upon us. The “pre-audit” crew from E&Y has departed and has been replaced by the SOX crew from BDO. At the same time, VISA PCI issues are also in [...]

Security Friday Fast Fact: The Word on Zero-Day Exploits

By David Stern

While it may be true that computers don’t make mistakes, they do run programs that were written by humans. We have grown comfortable with the concept of patching our systems and applications – to improve performance, enhance features and especially to correct ‘bugs’ and other security concerns. Oftentimes, bugs that may [...]

Security Friday Fast Fact: No More Retention Jokes

By David Stern

Wink wink. Nod nod. “Here’s our retention policy: we don’t have one. HAHAHAHA” On December 1, 2006, the Federal Rules of Civil Procedure were amended to better address digital discovery of company records. While there were many changes overall, they boil down to a few points:

• Files, instant messages, and email [...]