The Identity Portability and Accountability Act of 2011

Last week, the NSTIC program office held the first of three outreach workshops. While a who’s who of the identerati (along with government and trade group representatives) discussed what kind of governance body NSTIC requires, there were a variety of…

No, really, who has access to what?

In the unceasing wake of the RSA breach, and especially given Art Coviello’s most recent post, I’ve been thinking about what role identity and access governance can play in mitigating post-RSA attacks. As you know, I don’t cover authentication

Privacy pendulum swings

If you haven’t been following the “right to be forgotten” topic, this article in The Atlantic is a fairly good primer – and it has a few quotes from Marty Abrams as a bonus. I’m with Marty on this – I don’t think that the right to be forg…