A Framework Approach to Authentication and Identity & Access Management
Around a decade ago, I remember thinking of what it would be like if vendors kept pumping out point solutions to solve each individual problem. Luckily, that trend is not as bad as I may have thought — although I still see many vendors pushing hard for individual point solutions. Is this truly what customers [Read More...]
As a follow to my post on new gTLDs, here is an interesting request for a gTLD called .secure. Artemis Internet is planning to provide secure domain names. Security will be provided through human verification, security policies, and enforcement. The .secure gTLD would be available to any organization or individual. The users would have to [Read More...]
Layered Security for Mobile Banking
American Banker published a great article last week covering some of JPMorgan’s security strategies for mobile banking. Lloyd O’Conner explained the importance of layering multiple security technologies to protect their clients — as well as their own company — from the growing cyberthreats that not only target the online channel but are zoning in on [Read More...]
Survey: Site Seals vs Reliable Security – Which is Most Important?
There is a lot of hype right now about a major player in the SSL security space “rebranding” itself as the go-to SSL provider. But hype and big brand names alone shouldn’t influence security buying decisions. While this sounds logical, too many companies and organizations pay a premium for an over-marketed SSL trust seal. Entrust [Read More...]
Sophos Breach Tied to Partner Portal
Security Week reports in, “Sophos Kills Partner Portal After Suffering Breach” that the security firm Sophos has disabled its partner portal after discovering a breach. They aren’t saying much yet — kudos to them for their disclosure and response — but they think that the breach came from an older part of their portal, and [Read More...]
Leveraging Consumerization Concepts to Combat Security Threats
Let me be clear right up front. Yes, cybersecurity threats are real. Yes, they are growing in volume and in sophistication. And, yes, they are the root of the problem. BUT, one of the underlying frustrations I have with the cyber-threat situation is that, in general, many organizations remain anything but creative and strategic when [Read More...]
Strong Security to Access a Mobile Device? It better be easy!
I read and commented on an interesting blog post by Craig Mathias of NetworkWorld related to stronger authentication to access your mobile device – he suggested possible physical factors such as tokens, smart cards etc communicating through some form of wireless protocol such as bluetooth, RFID or NFC. I think his intentions are in the [Read More...]