Google Security and Codenomicon revealed on Monday that a flaw had existed in OpenSSL for more than two years that could be used to allow anyone (they would have to know the vulnerability existed and be proficient with SSL and network security) on the Internet to read the memory of the systems protected by the […]
Category: Uncategorized
Don't Be Another Data Breach Statistic
Verizon released their annual Data Breach Investigation Report recently which you can find here. It is a great study of security breaches that occurred in 2013 and provides a good insight into what we can expect in 2014. If there is anything to take away from this report its this, don’t be a statistic in […]
Improving Authentication Guesswork
I was reading Gunnar Peterson’s article on darkReading recently about authentication and authorization and he concludes with the idea that we should focus more on authorization while improving the guess work associated with authentication. As Gunnar points out there are more authentication contexts these days that it’s impossible to support them all. Nervepoint Access Manager […]
Dedicated Identity and Password Solutions
Computerworld recently reported KPN closed down its self service portal for its corporate customer care service, as 2/3 of them had never changed their default password; a security disaster waiting to happen. KPN security breach closes self service portal It struck me that this is what self service password management (SSPM) solutions are surely for! […]
Password Self Service Challenges
Today’s business environment is becoming increasingly complex with more pressure than ever to reduce costs while at the same time increasing user productivity and improving security levels. Traditionally password management has been an IT responsibility. With so much at stake, businesses need to be certain that a user’s identity is securely managed. Regulatory compliance initiatives […]
