Entrust Identity On: Latest Posts
Twenty years ago, PKI technology was introduced amidst a whirlwind of hype and expectation. But due to its cost and complex deployment, it was placed on the back burner for several years as companies waited for a solution that would make it cheaper and easier to implement. This allows organizations a simplified way to ensure [Read More...]
Whether it’s through the constant use of passwords, answering security questions online or verifying an address over the phone, most people understand the importance of authenticating identities. But this theory also is critical to verify the identities of mobile devices connecting and interacting with a secure network. Today, organizations require a methodical and proven solution [Read More...]
A balanced relationship must exist between governments that require personal information from citizens entering their country and citizens who are willing to give up this information. The ePassport is a security model designed to ensure that this balance occurs as it ensures the authentication of citizens through a secure trust infrastructure and advanced privacy controls. [Read More...]
Apart from one another, information technology (IT) and operational technology (OT) are two separate entities that perform different functions. But together, they make up the backbone of a nation’s security and economic stability—both in the private and public sectors. Governments, utility companies and transportation departments must ensure, at all costs, that critical infrastructure protection is [Read More...]
Certification authorities (CA) have always been compliance-minded and have historically imposed third-party audits upon themselves. The CAs disclose their requirements through a certificate policy (CP) document or certification practice statement (CPS). In these documents they state that they will be audited by a third party to meet these requirements. Historically, the CAs had to choose [Read More...]
For quite awhile now, we have been following several stories related to the hacking of Twitter accounts. And this week, the newsfeed is inundated with information that the hackers have indeed struck again. And yet again, it’s the Syrian Electronic Army causing social media mischief. While the Associated Press was a major victim of social [Read More...]
In the last few months, I have been reading blog posts (e.g., Google and Evernote) about certificate subscribers changing their keys from 1024-bit to 2048-bit RSA. I suppose congratulations may be in order. But, on the other hand, what’s been the delay? I’ve post a couple of blogs about key size policy back in 2010 [Read More...]
The topic of perfect forward secrecy has come up due to the alleged actions of NSA and PRISM. It has been reported the NSA has been able to trap website communications and then are able to search and review those communications at a future time. Users that use SSL were assuming their communications were secure. [Read More...]
Web security is a topic important to health and viability of the internet. It is crucial for privacy, integrity and authenticity of sites and users alike.
In case you hadn’t seen the news, Twitter login verification was announced yesterday. While I certainly don’t want to praise Twitter for implementing second-factor authentication login long after they knew a problem existed, it does remain a solid step in the right direction.