Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

11/16/2009
03:23 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New Program From Courion Aims To Limit Data Breach Threats

Courion Connector Program enables customers to expand the implementation of their Access Assurance strategy

FRAMINGHAM, Mass. —November 16, 2009 — Courion' Corporation, leaders in access governance, provisioning and compliance, today announced an enhanced connector program that will radically reduce the cost while expanding the benefits of identity and access management (IAM) in large enterprises. Through the Courion Connector Program, Courion's unprecedented, aggressive fixed pricing will enable customers to expand the implementation of their Access Assurance strategy across more applications, cut operational costs, mitigate risk from improper access to sensitive data and ensure compliance with relevant regulations.

Connectors serve to verify, create, manage and terminate user credentials for specific critical applications, such as financial applications, ERP systems and other enterprise applications, allowing for automated user provisioning, role management, password management, compliance and more. Research shows that in most businesses, fewer than 20% of applications are governed by an identity and access management solution. This is a major problem, since sensitive data resides on many more applications in the typical enterprise. This leaves enterprises exposed to a wide variety of security and compliance risks stemming from current and former employees being able to gain inappropriate access to systems and data.

"Large enterprises that deploy user account provisioning and other IAM solutions often have hundreds or even thousands of customized or internally developed applications that have accumulated over the years, and many if not all of these applications fall within the scope of an IAM program," said Perry Carpenter, research director at Gartner. "The high cost associated with connectors is one of the factors that Gartner clients tell us inhibits wider use of provisioning software in their organizations. Clients expect highly-reliable, low-cost solutions which will enable them to extend the benefits of provisioning to a broader range of applications and resources."

Courion is changing the game by offering the lowest fixed pricing for connectors the industry has ever seen. While typical connectors from other vendors cost anywhere from $30,000-$50,000, Courion's full-suite connectors, whether out-of-the-box or custom designed, cost just $12,000 per system or application. These full-suite connectors include functionality for compliance, password management, provisioning, and role management. Additionally, all PasswordCourier password management connectors will be as low as $9,600.

With more than 250 connectors currently available, Courion offers more connectors than any other company in the market. Courion will further extend this lead over the competition through its India Technology Center, which opened this summer and is solely focused on creating new connectors.

Courion connectors provide a wide range of services, including account creation, entitlement management, notification, policy, trigger, and reset capabilities. This enables customers to detect breaches of access policy, and also to prevent and remediate breaches by proactively blocking improper access. Courion's connectors also give IT managers the ability to manage account changes over time and remove access instantaneously as conditions merit.

Courion's connectors are light-weight and do not incorporate extensive business logic, making them easier to modify and update to meet changing industry requirements, allowing customers to:

Effectively leverage current automated provisioning, role management, password management and compliance.

Make dramatic improvements to operational speed, efficiency and control by extending the reach of the applications that Courion's solution can help automate and recertify.

Enhance the value and ROI of the Courion solution with minimal additional investment.

"In a time when enterprises want to extend access management to home-grown applications and new infrastructures such as virtualization and cloud, Courion gives them the ability to install automated preventative and detective controls across an unlimited range of applications. This lets them mitigate risk and liability while significantly increasing efficiency," said Chris Sullivan, vice president of customer solutions for Courion. "Courion was already far and away the market leader in the number and variety of connectors it offers, and with this new capability, Courion customers now get the best connectors at the lowest cost and the only predictable total cost for a comprehensive access governance solution " period."

Courion's unique Access Assurance approach to identity, access and compliance management ensures that only the right people have the right access to the right resources and are doing the right things. Access Assurance unifies Access Governance, Access Provisioning and Access Compliance in the most complex, heterogeneous environments. This comprehensive approach increases operational efficiency and transparency, strengthens security, and improves compliance, while delivering the industry's fastest time to value and lowest total cost of ownership.

About Courion Courion's award-winning Access Assurance solutions are used by more than 400 organizations and over nine million users worldwide to quickly and easily solve their most complex identity and access management (password management, provisioning, and role management), risk and compliance challenges. Courion's business-driven approach results in unparalleled customer success by ensuring users' access rights and activities are compliant with policy while supporting both security and business objectives. For more information, please visit our website at www.courion.com, our blog at blog.courion.com/, or on Twitter at twitter.com/Courion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3493
PUBLISHED: 2021-04-17
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivile...
CVE-2021-3492
PUBLISHED: 2021-04-17
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (ker...
CVE-2020-2509
PUBLISHED: 2021-04-17
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later Q...
CVE-2020-36195
PUBLISHED: 2021-04-17
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia C...
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...