There’s no way around it: program management skills are a must for any IAM leaders, lest they wish to preside over a chaotic, disorganized mess. IAM initiatives often involve complex, interconnected systems and processes – and most of all, people. Without a firm grasp of program management, leaders risk delays, overruns and a final implementation that’s more like a Frankenstein’s monster than a well-running solution.

The adoption of cloud services and the shift to remote work have rapidly expanded the attack surface. In many ways, identities are arguably now at the frontier of cybersecurity – which means traditional identity and access management (IAM) approaches are increasingly inadequate. Cyberattacks are also growing in sophistication, in part through exploiting vulnerabilities in the traditional, fragmented IAM systems that many companies are still using.

Active Directory (AD) is the most prolific identity platform in the world. Like many companies already using AD on-premises, you may now be considering extending your identity environment to the cloud to create a hybrid landscape. There are many reasons behind this: resource constraints, strategy evolution, merger, acquisition or otherwise.

We all know identity management and security are critical to hardening cybersecurity ecosystems. We also know that we can make it happen using the many features and functions across Active Directory (AD), Entra ID and Microsoft 365. The challenge is making sure these are deployed in a way that allows them to work seamlessly together, staying aligned even in environments where there’s fluidity and decentralization.

Passwords are bad, and our whole industry is trying to move away from these simple strings granting access to our systems. But change is slow, and adopting newer standards is difficult, even if passwords are deeply problematic. Now, the National Institute of Standards and Technology (NIST) is updating the core standard for authentication – and it adopts the “new school” of password policies.

Employees come and go, and so do their identities within their organizations. On the surface, it seems a linear lifecycle, starting with onboarding and ending with offboarding, with a whole lot of access to resources in between. But it’s the “in between” where things are more complex – whether related to migration from one business unit to the next or integrating an acquisition.

You may already be using Active Roles to manage privileged access, identity and Active Directory (AD) from a single pane of glass. But now, you can get more. Active Roles release 8.2 is poised to offer multiple new features that support customers who are migrating to the cloud and applying web-based resources during the continuing market evolution. It also introduces enhancements to management within Entra ID.

If you run an online image search for “cyber hacker,” you’ll likely find countless pictures of shadowy, hooded figures hunched over a laptop. There’s just one problem with those search But here’s the catch: The image of a human hacker is in the minority these days.

When we think about privilege access management (PAM), we typically think about it first as preventive control. PAM solutions manage who has privileged access to systems, enforce least-privilege principles and monitor and record privileged user activity. This is crucial for preventing misuse of high-level permissions and ensuring accountability.