Skip to main content

The WiKID Blog

Viewing posts tagged Two Factor Authentication

kaspersky-labs-update-on-bank-attacks

Posted by: admin 16 years, 3 months ago

Hat tip: Securology.

read more / 0 comments

kim-cameron-on-fingerprint-readers

Posted by: admin 16 years, 3 months ago

Read the post: Fingerprint charade.

read more / 0 comments

google-apps-and-two-factor-authentication

Posted by: admin 16 years, 3 months ago

We previously announced our proof-of-concept for adding two-factor authentication to Google Apps. We have published How to add two-factor authentication to Google Apps over on Howtoforge. Check it out.

read more / 0 comments

maintaining-control-over-your-teleworkers

Posted by: admin 16 years, 3 months ago

Turns out even if you don't have a teleworking offering for your workers, they probably do it anyway by loading their laptop up with private, unencrypted information and taking it home. At least that seems to be the case in the Federal government according to a recent study by the Telework Exchange:

The report found that 63 percent of respondents who worked from home unauthorized -- more half of the non-teleworkers surveyed -- used their home computers in doing that work. "People were saving documents on their home computers that were unprotected," said Josh Wolfe of Utimaco, a data security company that underwrote the study.
I wonder how people get to telework if they are not authorized? I assume telework means that they are connecting via a VPN, right? Are over half of Federal employees technically able to remotely connect to their internal network, but on the honor system to not do it? Registering for the doc gets some answers. Teleworkering means that you are working away from the office. That could mean on your blackerry. However, the point of the study stands: unsanctioned teleworking occurs:
  • 54% of non teleworkers carry files home
  • 41% of non teleworkers log onto their agency’s network from home
Holy Cow! How do people log in to their agency network if they are not allowed! And unsanctioned teleworkers are less likely to be protected from malware:
When teleworkers and nonteleworkers where asked if they had antivirus protection on their laptop or desktop computers, 94 percent of teleworkers responded yes, while only 75 percent of non-teleworkers said yes.
I think implementing two-factor authentication for remote access in federal government agencies would be a huge win - it would immediately eliminate the 41% of unauthorized users accessing the network.

read more / 0 comments

more-on-de-perimeterization

Posted by: admin 16 years, 3 months ago

Having just posted on de-perimeterization, I thought that this quote from Scott Borg of the U.S. Cyber Consequences Unit on the consequences of breaches:

"We started seeing huge vulnerabilities," Borg said Wednesday at the GovSec conference in Washington, where the draft document was released. Most of the systems were compliant with current security checklists and best practices. "And portions of those systems were extraordinarily secure. But they were Maginot Lines," susceptible to being outflanked.

read more / 0 comments

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom