White Papers
Bravura Security white papers
Identity Security Whitepapers
Welcome to Bravura Security's collection of whitepaper documents. Our team developed these resources to highlight the expertise of our work and how our products are fit to perform in any industry. Whitepapers include research-based evidence of products and services, broken down to show each step of our methodology.
Here, you'll find information about our product performance based on real-world implementations. Our whitepapers will provide you with comprehensive knowledge of these products so you can make an informed decision for your workflow.
Traditional password management has long been a cornerstone of organizational security practices. However, as the digital landscape evolves, so do the challenges associated with managing passwords. Conventional password management strategies often exhibit critical shortcomings, including user password fatigue, the risk of user lockouts, and compliance challenges with security standards. This whitepaper introduces Bravura Pass Plus, a solution designed to address these issues by removing the traditional password management and password safety burdens while transforming password management strength, security, and accountability.
How to Go Passwordless at Your Organization to Reduce Cybersecurity Risk. Password Management Explained from Federation and Password Managers to Adaptive Authentication, and Legacy Solutions.
Passwords pose significant problems for organizations and users alike, precisely due to their evergrowing abundance and complexity. These common - and almost universal - scenarios and actions employees take to deal with the problems associated with password management that puts your organization’s security at risk. Companies need strategies that work with human nature.
Download the White Paper to learn more.
Organizations should be deliberate about building proactive strategies to stay a step ahead of ransomware and other cybersecurity risks. Zero Trust empowers your organization with the security and framework you need to combat the new ransomware-as-a-service paradigm. That may be reason enough to mature your operational security with Zero Trust, but there are many other marketplace-driven factors to encourage the change.
Driving Modernization and Digital Transformation in Higher Education
Work and learning are moving from place-based to remote, and the cybersecurity threats to higher education institutions are shifting with them. With hybrid, remote, and distance learning here to stay, universities are on a quest to provide seamless yet secure, modern learning experiences equivalent to in-person models. The continual change in pressures and threats has upended higher education cybersecurity strategy.
For institutions to prevent, detect, and respond to these new threats new technologies and strategies are required.
consideration are an automation-first approach to identity and access management (IAM). In organisations where Zero Trust initiatives are being scoped, intelligent IAM can play a foundational role. Notwithstanding, IAM deployments should be regarded as multi-phase projects accompanied by unique obstacles that stakeholders would do well to avoid.
Security breaches of privileged accounts can be catastrophic to any business by allowing bad actors unfettered access to the company’s most sensitive data and IT systems. Related vulnerabilities have accelerated in recent years due to increased IT infrastructure complexities and broad distribution of business-critical services. To assist organizations with identifying the most effective methods for managing privileged access, Bravura Security sponsored EMA's primary, survey-based research into the real-world requirements, challenges, and management techniques employed for securing privileged access.
As budgets continue to be in flux, and IT and security teams must reduce risk using fewer resources, automation - a key business enabler - is becoming paramount. This 2020 survey from Bravura Security and Pulse of 100 Higher Education IT Executives uncovers the discrepancy between the IAM processes currently in place and what best practises truly are-especially when it comes to the benefits of IAM automation.
Everything is different now, and there's no telling when employees will be back in the office, if ever. Capital One doesn't expect to bring employees back until after Labor Day. Amazon has extended its work from home policy to October. Facebook and Google will allow employees to work from home through the end of 2020. Shopify has closed all offices until at least 2021 with all employees working from home. Twitter employees never have to return to the office if they don't want to. These changes come with new challenges for IT. Some of them you've encountered already. Others are issues to anticipate and prepare for. Then there are the steps you might have overlooked in the scramble to fully enable remote work for your employees. Now is the time to strengthen your organization's security. Let's look at five questions every CIO should be asking right now.
Modern password management systems must address new requirements, to operate in a world of BYOD, cloud, mobility and encryption.
This document lays out what Bravura Security offers in its 'as-a-service' IAM application: architecture, security and privacy protections, support and implementation services, change controls and commercial model.
IAM process automation using Bravura Identity: discovery, systems of record, requests, workflows, certification and analytics.
An overview of role-based access control (RBAC), including definitions, business processes, implementation strategy and organizational impact.
Both IAM and ITSM systems include request portals, which raises the question: which UI should be presented to users who wish to request new access to changes to their identity information?
A core problem in all identity and access management (IAM) systems is how to help requesters articulate access requests. Requesters rarely know exactly what entitlements, on what systems, are required to perform a given function.
Privileged Access Management systems are generally used to replace static, well known passwords with frequently changing, cryptographically stored passwords.
This document gives a brief introduction to Title 21 of the Code of Federal Regulations, Volume 11 (21 CFR 11 for short), and describes how it impacts information security in the pharmaceutical industry.
This document outlines a variety of problems that can arise with user profile data, the impact of those problems on the efficacy of an enterprise AAA infrastructure, and the solutions that an identity management system can bring to bear to eliminate those problems.
This nine-step guide will address the most common questions and concerns surrounding a practical PAM system deployment. It will also help you establish a painless and rewarding rollout and ongoing operation to the implementation. By following these best practices, you will streamline user adoption and foster scalability as you implement a PAM solution across your network's architecture.
In this document, access management is first defined and then the various challenges faced by many organizations are described.
Understanding and avoiding the pitfalls of a purely role-based approach when automating IAM lifecycle processes.
Using password synchronization to support migrating users between applications and directories.
This documents reviews the US National Institute of Standards and Technology (NIST) guidelines for password complexity and non-password authentication systems.
This document explains how a reference implementation of an identity and access management (IAM) system enables lower cost, lower risk process automation, as compared to a fully custom approach.
How to plan for an IAM deployment, including resourcing, product selection, deployment sequence and ongoing scope expansion.
Summary of GDPR - EU 2016/679 along with how the privacy-protection regulation impacts IAM systems.
Replacing single-factor on SaaS logins with strong, multi-factor Bravura Pass logins.
Addressing entitlement accumulation by periodically inviting stake-holders to review and correct lists of users and access rights.
Configuring and placing the back-end database for Bravura Security Fabric application servers.
Builds a business case for monitoring administrator activity and explores design decisions for the technology and implementation required to implement it.
Using IAM process automation to meet privacy protection requirements in the Health Insurance Portability and Accountability Act.
Architectural and process requirements for IAM process automation on a typical Extranet, supporting customers or partners.
Plain-language guide for choosing secure passwords that are hard to compromise.
Typical components in a shared platform for managing manage users, their entitlements and credentials.
Relate password management to single sign-on systems and clarify the need to integrate IAM systems with E-SSO.
Prioritizing functionality and maximizing user engagement to get good adoption rates and ROI.
Pros and cons of implementing IAM automation using a suite of products from a stack vendor versus a combination of best-of-breed products.
Best practices for password complexity, lockout policy, synchronization and reset processes.
Making passwords secure, friendly and cost effective: on-premises, in the cloud, off-site; pre-boot, at the PC login screen and via BYOD.
This document is meant for a technical audience which has been tasked with replacing static, embedded Windows service account passwords with a system where these passwords are automatically changed to new, random values on a regular basis.
Assigning unique identifiers, leveraging roles, deactivating access and more.
Evaluate the pros and cons of physical and virtual appliances as compared to software on managed operating system images.
Enabling BYOD access to on-premises applications from smart phones which are neither on-premises or VPN-attached, without exposing a public URL.
Best practices guide for securing a Bravura Security Fabric server, from hardware through configuration and patch management.
Best practices for defining, assigning and maintaining the definitions of roles in an IAM system.
Enforcing a principle of least privilege through request/approval workflows, risk scores, SoD policy enforcement, periodic reviews and more.
Replacing static and/or plaintext passwords embedded in scripts and applications with a secure API.
Addressing help desk call volume, weak passwords and user complaints with password management automation.
Addressing access risk, administration cost and business agility requirements with identity and access process automation.
Moving group lifecycle and membership management from a centralized IT support model to a combination of unattended processes, self-service requests and periodic reviews.
Best practices for managing users, identity attributes and entitlements in a typical Extranet Partner / B2B web portal.
Best practices for managing users, identity attributes and entitlements in a typical consumer-facing Extranet web portal.
Considerations when deploying an IAM system in a SaaS model -- network perimeters, trust, risk/liability and more.
Best practices for managing users, identity attributes and entitlements in across a workforce.
Product features in Bravura Privilege.
Self-service login problem problem resolution in difficult contexts: pre-boot, at the OS login screen, off-site and from a smart phone.
Replicated, geographically distributed credential storage is essential to fault-tolerant privileged access management.
Using password randomization, a credential vault and a request/approval process to secure access to shared, privileged accounts.
Best practices for assigning and managing unique user identifiers, such as login IDs and e-mail addresses.
Recommended processes, implementation sequence and stake-holders for successful password management automation.
The technical and business consequences of locating users, applications and IAM systems on-premises, in the cloud and off-site.
Product features in Bravura Identity.
Best practices for deploying and operating an IAM infrastructure, including long-term commitments, metrics and more.
Building a business case and defining functional and technical requirements for a password management system.
Collecting, updating and redistributing Notes ID files to automate password management with Bravura Pass.
Assisting users who forgot or locked out their PC login password.
Formulating memorable, secure and easy-to-use challenge/response questions as a backup to passwords.
Using IAM process automation to meet governance objectives in the Sarbanes-Oxley Act of 2002 (SOX).
Conflict between endpoint device diversity and wallets of randomized application passwords.
Integrating Bravura Pass with telephony infrastructure, either using an existing IVR system or routing calls to the included password-reset IVR system.
Using IAM process automation to meet authentication and control objectives in Title 21 of the Code of Federal Regulations, Volume 11 (21 CFR 11).
Using self-service to drive down password-related support call volume at an Internet Service Provider.
The strategy of granting access strictly based on roles and the challenges with deploying and managing such a system.
Bravura Cloud
With a large organization to oversee, how can you keep track of everything you need to? Enter Bravura Cloud. This software gives you a comprehensive overview of all your security features and how your staff interacts with them. Monitor and adjust security compliance, password management and other vulnerabilities in real time.
Bravura Identity
The right IAM protects your business, employees and clients simultaneously. Bravura Identity offers a robust IAM solution that improves security while reducing costs. Our IAM whitepapers detail how various aspects of this software contribute to business security through:
- Identity governance: Monitoring, protecting and consolidating user information throughout their entire lifetime with your organization.
- Data governance: Building policies to control the storage, use and integrity of data stored on-site and in the cloud.
- Risk-based contextual controls: Identifying a user's risk based on metadata like IP address, device and location.
Bravura OneAuth
Technology and malicious attackers evolve together. Password logins and Multi-Factor Authentication (MFA) don't do the job as well as they used to — the new golden standard is passwordless authentication. Bravura OneAuth makes logins more secure and less complex, and your users will love it.
Bravura Pass
Bring back the ease of Single Sign-On (SSO) while maintaining the added security of MFA through Bravura Pass, which integrates into your existing password management systems.
Instead of making your users remember dozens of account security details, Bravura Pass offers a secure location to store them all. Explore our password management whitepapers and start encouraging your users to make more unique passwords without the added stress of remembering them all.
Bravura Privilege
Our Privileged Access Management (PAM) whitepapers give you a detailed view of how we maintain data security even within your organization. Bravura Privilege gives you the chance to implement rules like:
- Least privilege and zero trust: Give your users permission for the information they need and only that information to prevent data breaches.
- Just-in-time access management: When users only need information for a certain project, limit their accessibility to keep data secure.
- Single sign-on: Enable access to multiple websites with one set of credentials, allowing for comprehensive entry to those who require it.
- Password randomizations: Random passwords containing special characters, numbers, and a mix of uppercase and lowercase letters are harder to guess.
Bravura Safe
Give more power to your staff with Bravura Safe, the smartest way to manage multiple passwords across many websites. Bravura Safe will help your employees create and store unique passwords for every site they have an account with. It will also make it easier for you to send encrypted data while protecting information from malicious intent.
Bravura Security Fabric
Customize your identity management procedures, password and passwordless logins, and other security measures with Bravura Security Fabric, your single framework solution for comprehensive access control. This platform helps you automate security measures and improve user experience.
Explore Full Reports at Bravura Security
Whatever products you choose from Bravura Security, these whitepapers will give you detailed evidence of their effectiveness. Our team believes in quality work led by quality information, and these resources give you both. Explore the Bravura Security solutions you're most interested in and start researching ways to improve your data protection today.