We tested integration with a Sophos UTM (formerly Astaro) and WiKID for two-factor authentication.
The good news: that's a decrease.
Just a bit of framing on this issue. Analysis of breach impact should be relative to the market and competition.
A great tutorial on two-factor auth for F5 APM.
How to add two-factor authentication to IPSec. SSL-VPN and administrator access for the Check Point Security Gateway.
I'm not sure we have thought this through.
More detailed information on adding two-factor authentication to a Cisco SSL or IPSec VPN.
Sounds good - but I'd like to see more stats.
These are some of the questions we get about Enterprise two-factor authentication deployments and some common assumptions that are not necessarily true.
Using packer it is incedibly easy to create two-factor authentication servers for EC2, GCE, Digital Ocean as well as VMWware, VirtualBox, etc.
Using modern configuration tools it should be easy to eliminate common infrastructure weaknesses.
Security is hard.
The New York Times is reporting on the cause of the JP Morgan attack. One server lacked the required two-factor authentication.
And they seem likely to continue into 2015.
The software to deploy your own SaaS is getting pretty good - creating options for vendors and customers.
Free as in beer or free as in speech, you pick. 4.0 is easier to implement than a hosted service, less expensive and as reliable. You maintain control of the keys to your kingdom.
Home Depot reveals that a vendor's credentials were used in their attack.
We've released a packer script that creates x2go virtual servers on Github and created a public AMI for it.
Information on how to disable SSL V3 for tomcat and the WiKID server in case you are worried.
Brian Krebs tells a story that is most likely too typical.