Skip to main content

The WiKID Blog

Viewing posts tagged pci

Defense at every stage

Another tweet struck me for it's common sense and truth:

New eGuide on Adding Two-factor Authentication to your Network

Multi-factor authentication is a key requirement for securing infrastructure, we have tried our best to make it less expensive and less of a headache for users and admins. We do a lot of work helping systems administrators integrate two-factor authentication. These efforts often involve supporting other products and we're ok with that. People ask us "Do you work with my VPN?" So we often produce tutorials on how to add two-factor authentication a specific product, like OpenVPN or a Cisco box or a Juniper UAC.

More on the security concerns for SSH and Key Management

We've blogged previously about the potential compliance issues around SSH keys and about the risks of poor SSH key management.  A recent Forrester survey (PDF warning!)  revealed:

Risks from poorly managed SSH Keys

Read Computerworld's article about a Ponemon study discussing SSH key management issues:

SSH key management a potential risk

We've long said that while we love SSH, SSH key management is a weak point, especially if you need to meet compliance requirements such as PCI.  Now Charles Kolodgy of IDC is saying the same thing:

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom