Authentication in the real world: Moving from strategy to implementation
When management wants to roll out a strong authentication system across a heterogeneous IT environment, security administrators face the challenge of effectively weaving an authentication plan into diverse directories such as LDAP, Microsoft Active Directory and Novell NDS. In this tip, we look at taking a large strategic authentication plan and putting it into tactical implementation, examining issues like the benefits of multiple LDAP corporate directories, using group policies at the directory level, and the use of tiered groups to best control internal and external user access.Get more information on security authentication strategies for your customer's implementation.
About the author
Tom Bowers, CISSP, PMP and a Certified Ethical Hacker, is a well known expert on the topics of ethical hacking, penetration testing and protection of the global enterprise. He is the vice president of the Philadelphia chapter of Infragard, the second largest chapter in the country with more than 600 members. Additionally, he serves as manager of information security operations for a fortune 100 pharmaceutical company, where his areas of expertise include risk assessment and leading information protection teams for 120 offices globally. Bowers is a technical editor of Information Security magazine and a regular speaker at events like Information Security Decisions.
This was first published in April 2007