Shine a light on shadow apps

Glossary

  • images/What-is-CIEM.png

    What is Cloud Infrastructure Entitlement Management (CIEM)?

    Cloud Infrastructure Entitlement Management (CIEM) is a cloud security framework focused on managing and securing cloud identities within an organization's cloud infrastructure. Learn common CIEM use cases and what to look for in CIEM solutions

  • images/11-best-access-governance-2.png

    11 Best Access Governance Software for Identity Management in 2024 [+User Feedback]

    Looking for an access governance software to tighten up your organization's security posture? We've got you covered in this expert buyer's guide.

  • images/What-is-single-sign-on-sso.png

    What is Single Sign-On (SSO)?

    Single sign-on (SSO) allows organizations to authenticate and grant access to users across numerous applications using a single set of credentials. Learn how SSO works and why it's an important access management tool.

  • images/What-is-JIT-access.png

    What is Just-in-Time (JIT) Access?

    Just-in-time (JIT) access is a security practice for granting access to applications or systems. Learn how JIT access works and its use cases, benefits, and types.

  • images/What-is-SoD.png

    What is Separation of Duties (SoD)?

    Separation of duties (SoD), also sometimes referred to as segregation of duties, is the principle that no user should be given a combination of privileges that would allow them to misuse a system on their own. Learn why SoD is an important cybersecurity and compliance practice.

  • images/What-is-an-IdP.png

    What is an Identity Provider (IdP)?

    An identity provider (IdP) stores, maintains, and manages digital user identities and ensures users are authenticated before getting access to an organization's resources. Learn why IdPs are an important foundation for effective identity security.

  • images/What-is-shadow-IT(1).png

    What is Shadow IT?

    Shadow IT refers to the use of applications, infrastructure, and even hardware without the approval of an organization's IT and security teams. Learn how to proactively protect against the risks posed by shadow IT.

  • images/what-is-10.png

    What is ISO 27001?

    Learn all about ISO 27001 and how its certification can improve your organization's reputation and instill confidence in its security practices through demonstrating strong security posture to external stakeholders, such as customers, partners, and regulators.

  • images/what-is-8.png

    What is GLBA?

    The Gramm-Leach-Bliley Act (GLBA) is a US federal law that, when enforced, ensures customers' information privacy and security. Complying with GLBA's requirements, financial institutions can minimize security risk, while also enhancing customer trust and confidence.

  • images/copy-of-c1-resource-graphics-33.png

    What are Time-Based Access Controls?

    Time-based access controls restrict access to critical infrastructure which increases security posture through reducing attack surface area. Learn more about time-based access controls and their importance here.

  • images/what-is-6.png

    What is NIST?

    The National Institute of Standards and Technology (NIST) plays a crucial role in cyber and information security, but what exactly is it and what role does it play? Learn all about NIST and how following NIST guidelines is a security best practice here.

  • images/what-is-7.png

    What is Temporary Elevated Access?

    Temporary elevated access refers to granting users temporary privileges outside the standard access scope. It is a security best practice, enabling organizations to enhance security, maintain compliance, and minimize risks.

  • images/copy-of-c1-resource-graphics-28.png

    What is FedRAMP?

    FedRAMP framework is a government program that provides a standardized approach for assessing, authorizing, and monitoring the security of cloud service providers (CSPs) used by federal agencies. But how can I get the certification and why should I care? Learn all about FedRAMP and its importance here.

  • images/copy-of-c1-resource-graphics-25.png

    Why Migrate from Birthright to Just-in-Time (JIT) Access?

    Birthright access is a common place, but unsafe, security practice and because of this more and more companies are shifting left and migrating to Just-in-Time access. But what are the differences and how can I start to change? Learn why JIT access is a security best practice here.

  • images/copy-of-c1-resource-graphics-24.png

    What is HITRUST?

    HITRUST is a certification framework for managing and protecting sensitive healthcare information and is a security and compliance best practice for the healthcare industry. Learn more about the benefits of HITRUST here.

  • images/copy-of-c1-resource-graphics-23.png

    What is IAM?

    Identity and Access Management (IAM) is a security best practice that increases security posture through defining and enforcing access controls. Learn more about the benefits of IAM here.

  • images/what-is-4.png

    What is PAM?

    PAM (privilege access management) is a security best practice that helps organizations protect their sensitive data and critical systems by controlling access to privileged accounts. Learn more about PAM and why they can help improve your security posture.

  • images/what-is-3.png

    What is Birthright Access?

    Birthright access is a common place practice that has the ability to open the door to security breaches and other malicious activity. Learn more about how to decrease birthright access while increasing your security posture.

  • images/copy-of-c1-resource-graphics-29.png

    What is the Difference Between Identity Governance and SaaS Security Posture Management?

    Identity Governance and SSPM are two related but distinct concepts within the field of information security. Learn more about how they are similar and different here.

  • images/what-is-2.png

    What is SAML vs SCIM?

    SAML and SCIM are both best practice security protocols that help to ensure the safety of users and systems that contain the most sensitive information. Learn more about the differences between SAML and SCIM here.

  • images/copy-of-c1-resource-graphics-20.png

    What is the Difference Between SOX and SOC Compliance?

    SOX and SOC 2 compliance initiatives are similar, yet very distinctly different aspects of access control regulations. Learn more about each specifically and the differences between the two here.

  • images/copy-of-c1-resource-graphics-19.png

    What is Provisioning and Deprovisioning?

    Provisioning and deprovisioning are essential to increasing your security posture and the safety of your more sensitive information. Learn more about the differences between the two in our newest glossary article.

  • images/what-is.png

    What are Orphaned Accounts?

    Orphaned accounts pose a significant security risk for both individuals and organizations as they are easily targeted by attackers. Learn more about how orphaned accounts occur and how to manage them to increase your security posture here.

  • images/what-is-1.png

    What is Authentication vs. Authorization?

    Authentication and authorization are commonly used and. more commonly confused terms for cloud forward companies. Learn about the similarities and differences of authorization and authentication here!

  • images/copy-of-c1-resource-graphics-12.png

    What is Zero Standing Privilege?

    The practice of zero standing privilege can reduce the risk of security breaches and help keep sensitive resources and data safe. Learn more about how reducing and managing standing privilege can improve your security posture.

  • images/copy-of-c1-resource-graphics-10.png

    What are Access Requests?

    Access requests play a key role in achieving security objectives and in the safety of sensitive data. Learn more about how access requests can keep you more secure through the prevention of unwanted users gaining access.

  • images/copy-of-c1-resource-graphics-6.png

    What are Access Controls?

    Access controls are an essential part of security through the management of the information spread throughout an organization's numerous apps and systems. Learn more about the types of access controls and the importance of its implementation.

  • images/copy-of-c1-resource-graphics-3.png

    What is Zero Trust?

    Learn more about the importance of zero trust as a security framework to ensure the security of your most sensitive information and resources.

  • images/copy-of-c1-resource-graphics-1.png

    What is Identity Security?

    Identity security refers to the visibility, controls, and management for the purpose of security. The implementation of identity security strategies is crucial for information and access safety because of the increasing amounts of security breaches.

  • images/copy-of-c1-resource-graphics-2.png

    What are User Access Reviews?

    User access reviews (UARs) are a security and compliance tool used to enhance security through assessing privilege. Learn how they can prevent security breaches and ensure that users retain the appropriate levels of access.

  • images/copy-of-c1-resource-graphics-7.png

    Understanding Entitlements

    An entitlement is what a user can do within an app, whether it is a permission, a role, a setting or an admin, all depending on the app’s definition. But most simply put, it is the ability for a user to do something. The user can be entitled to view, edit or delete data.

  • images/copy-of-c1-resource-graphics-30.png

    Least Privilege Access vs. Zero Trust

    Least privilege principles and zero trust are two cybersecurity frameworks that focus on how to get the strongest security without hindering workforce productivity.

  • images/copy-of-c1-resource-graphics-32.png

    Identity Management vs. Identity Security

    Organizations are struggling to manage all the identities attached to their infrastructure. See how deploying IAM and investing in identity security tools can help.

  • images/copy-of-c1-resource-graphics-31.png

    How companies are staying compliant with periodic access reviews

    A user access review is a periodic audit of access rights to verify that users and accounts have proper authorization to access networks and applications.

  • images/copy-of-c1-resource-graphics-27.png

    What is Identity Governance?

    Identity governance is the policy-based orchestration between identity management and access control. It ensures that identities are properly and securely connected to IT resources.

  • images/copy-of-c1-resource-graphics-26.png

    What is least privilege?

    Least privilege is an approach to security where users have access only to what they require. It’s about giving people the right tools to do their jobs without compromising other people or systems.

images/newsletter-3.png

Stay in touch

The best way to keep up with identity security tips, guides, and industry best practices.