Viewing posts from January, 2009
infoworld-on-how-to-become-a-great-information
Posted by: admin 15 years, 7 months ago
Consistency, covering the basics and using metrics Great article for all management, not just information security. When problems crop up in management, it is usually because either we stopped doing some basic thing like cross-department meeting or it could have easily been avoided by implementing some new simple thing.
identity-theft-hits-3-percent-in-2004
Posted by: admin 15 years, 7 months ago
Security Focus has the article about the DOJ Survey on the number of US citizens hit by identity theft, but Security Curve puts it in perspective
infosec-economics-article-on-security-pipeline
Posted by: admin 15 years, 7 months ago
There's an interesting article on Security Pipeline about the economics of information security. The article discusses why ROI is a poor measure, echoing my first post. But it misses out on a key point: that investing in security reduces your weighted average cost of capital and that you must include the cost of capital in your investment analysis.
interesting-analysis-of-passmarks-technology
Posted by: admin 15 years, 7 months ago
Adam has pointed out a friend's new blog who has a set of interesting new blog posts, most about security and some about authentication and one in particular about Passmark's Sitekey - now deployed by Bank of America - and the issues he has with it. They fall into two categories: user interaction predictions and securityis-hipaa-about-to-get-some-teeth
Posted by: admin 15 years, 7 months ago
The healthcare world is abuzz with the news that the Department of Health and Human Services is auditing Atlanta's Piedmont Hospital:
Neither Piedmont nor the HHS has confirmed that the audit was launched, and few details about it have been disclosed publicly. But an HHS document obtained by Computerworld shows that Piedmont officials were presented with a list of 42 items that the agency wanted information on.
Among them were the hospital's policies and procedures on 24 security-related issues, including physical and logical access to systems and data, Internet usage, violations of security rules by employees, and logging and recording of system activities. The document also requested items such as IT and data security organizational charts and lists of the hospital's systems, software and employees, including new hires and terminated workers.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)