Authentication | News, how-tos, features, reviews, and videos

4 simple steps to bulletproof laptop security

Follow these tips, tools, and techniques to protect your Windows notebook against theft, intrusion, and data loss

No nyms equals evil

Gibbs discusses privacy and pseudonyms and how Google is being particularly evil by demanding "real" names

With SSL, who can you really trust?

SSL, the encryption scheme that protects virtually all secure online transaction, requires that users rely on trusted third parties, but what if they can't be trusted?

MacBook Air takes on MacBook Pro

Apple's latest ultraportable brings spectacular responsiveness and superior mobility to heavier workloads

Google explains its data correlation privacy settings

In response to my blog post about how Google seems to be gathering pubic data about people and correlating it with their Google user names, Google has offered some explanations. A company spokesperson told me that the search giant...

Is your IT support making you vulnerable to hackers?

Data breaches are more prevalent and more costly than ever. Smarter technologies seem to breed smarter hackers, making it difficult for IT to keep up. But sometimes IT unwittingly helps the bad guys by improperly using core tools,...

Safer mobile transactions

Last week ("More on biometrics") I recommended "biometric recognition as well as using passwords and SMS codes" for more secure mobile banking transactions. Long time reader Patrick O'Kane (he's chief architect for identity and access...

Your first car and other challenges

The federal agency that regulates banks, the Federal Financial Institutions Examination Council (FFIEC), has finally released an update to its 2005 guidance on Internet banking authentication. This has been awaited since a draft of...

Securing mobile devices requires enterprise and service provider controls

Enterprises are adept at securing and managing computing endpoints such as desktop and laptop computers, but most do not have the same controls and processes in place for what is likely the fastest-growing computing platform:...

RSA: Lessons learned

Not surprisingly, there's been a lot of discussion about the RSA SecurID debacle among my colleagues at Kuppinger-Cole.

Build a secure, customer-driven enterprise with an identity and context virtualization service

While directory-focused security initiatives and database-driven customer data integration (CDI) projects might seem to have little in common, a look under the hood reveals they begin with the same need, and would both benefit from a...

Serious Mobile Security: We Need Two-Factor Authentication for Handsets

I spent some time at Interop discussing what I think is a critical requirement for mobility, hardware-based two-factor authentication. Note that we already have a form of two-factor authentication via certificates, but a software...

Secure authentication to the cloud

Directories and directory stores featured in a great workshop session I attended at the recent European Identity Conference (EIC), which was also a good place to catch up with an old friend, Michel Prompt -- CEO of Radiant Logic, one...

Almost all Android phones vulnerable to authentication attack

Researchers at the University of Ulm in Germany have identified a vulnerability in Android that allows an attacker to steal and use authentication credentials on 99% of the phones that are based on Google's operating system   Google...

RSA risk mitigation

Unless you've been in a coma the past week you're aware that some sort of security breach occurred at RSA and that "... information specifically related to RSA's SecurID two-factor authentication products" was "extracted from RSA's...

Four steps to take if your business depends on RSA SecurID tokens

With the theft of sensitive data about RSA's SecurID technology, large businesses should reassess the risks to the assets the two-factor authentication deployment is supposed to protect, a risk management expert advises.

Five iPad safety tips

Don't deploy iPads in the enterprise without considering these security measures.

Protecting your Cisco routers (all your co-workers don't really need access to the Command-Line Interface)

One of the most common requests regarding TACACS+, that I get, relates to restricting CLI access using command authorization on IOS.  Usually my customers want to ensure that a group of users can only execute some show commands for...

What you missed: A major Internet security hole was finally plugged

The No. 7 top sleeper tech story of 2010

Open Source 2 Factor Authentication - WiKID

Our present system of usernames and passwords is just not secure enough. How many of you use the same password on multiple sites? How many of you have a password that can be guessed based on one of your family members' names, dates...

Load More
Top News