May 2011 - Entrust, Inc. 1-10 of 11
Enterprise Data Breaches. . . or why I’m really not cheating on you!
I’ve decided to branch out. Now folks, don’t go getting jealous – I’m still here for all of you who’ve come to appreciate my thoughtful, articulate and witty insight around issues tied to authentication and fraud detection – ok, I guess I’m laying it on a bit thick eh?! But anyway, I just posted a blog today on [Read More...]
When things are moving just a bit too quickly. . . the whirlwind of data breaches!
I’ve just coined a new term – at least I think I can take credit for it – and remember, you heard it here first: “Breach Speed” . I derived it from the dramatic speed at which data breaches are occurring. Borrowing from the Urban Dictionary, I’d see it something like this: Breach Speed: A [Read More...]
Strong Security to Access a Mobile Device? It better be easy!
I read and commented on an interesting blog post by Craig Mathias of NetworkWorld related to stronger authentication to access your mobile device – he suggested possible physical factors such as tokens, smart cards etc communicating through some form of wireless protocol such as bluetooth, RFID or NFC. I think his intentions are in the [Read More...]
Public Key Pinning
In the wake of the Comodo attack, the Internet industry is looking for ways to mitigate similar attacks in the future. Public key pinning may prove to be effective. Google has developed the public key pinning concept that will debut in Chrome version 13 for most Google Internet properties (e.g., https://www.google.com). Public key pinning means [Read More...]
SSL False Start Performance Results
As a follow-up to ‘Google is speeding up SSL’, Google has reported very favorable SSL False Start performance results. In summary, False Start reduces the latency of a SSL handshake by 30 percent. In addition, Google has implemented False Start into Chrome so that it is basically 100 percent backwards-compatible. Google Chrome is the only [Read More...]
Is it SSL, TLS or HTTPS?
Throughout this blog I appear to use (or misuse) the terms SSL, TLS and HTTPS interchangeably. From time to time I catch myself and say, “Which one should I be using?” Frankly, my default is to use SSL. When I reference an article or site, I do tend to side with the term it prefers. [Read More...]
Biometrics and Mobile Security – Points to Ponder
Last week’s FS-ISAC Annual Summit in Miami was once again top notch. This is the second year Entrust has participated in the event which in my opinion, is one of the top venues for bringing financial security decision makers and industry experts together to discuss, debate, brainstorm and overall collaborate on the top information security [Read More...]
Protecting My Business and Personal Online Identity. . . or, how Meg Ryan could be my downfall!
I thought this was an interesting story: “Webmail gets hacked, corporate passwords exposed”, and one that ought to be read by executives in many companies – the folks who can actually change behavior that could otherwise jeopardize corporate security. But it’s also a story that is highly relevant to consumers because they – “we” – [Read More...]
Do you want to make the Internet a safer place? Maybe this is something for you. Internet activists, Electronic Frontier Foundation (EFF) and Access have teamed to launch HTTPS Now, an international campaign aimed at soliciting consumers to help make web surfing safer. HTTPS Now comprises three initiatives: Individuals are encouraged to use HTTPS Everywhere, [Read More...]
Embedded Security for Mobile Applications . . . Way Cool!
I’m going to start this blog off by sounding like a corporate hack! Ok, I know, as a marketing person, I’m supposed to be kind of a corporate hack; but I don’t generally act like one, I certainly don’t dress like one, and I try not to sound like one. But today Entrust dropped a [Read More...]