Security Management Strategies for the CIO
Email Alerts
-
Best Authentication Products 2011
null
-
Understanding tokenization amid PCI encryption requirements
This mini learning guide offers a brief introduction to tokenization technology, as well as PCI DSS encryption requirements. Learn more about the future of tokenization and how the technology may help to ease PCI DSS compliance burdens. Learning Guide
-
Quiz: Next-generation authentication
A five-question multiple-choice quiz to test your understanding of the content presented by expert Mark Diodati in this lesson of SearchSecurity.com's Identity and Access Management Security School. Quiz
-
Future authentication technologies: How to choose the right product
In this lesson in SearchSecurity.com's Identity and Access Management Security School, Burton Group's Mark Diodati explores innovative and cost-effective user-based authentication technologies. Identity and Access Manag
-
Spy vs. Spy
Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day. Book Chapter
-
Lesson/Domain 2 -- Security School: Training for CISSP Certification
SearchSecurity.com Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge." School
-
Infosec Know IT All Trivia: Authentication
Test your knowledge of authentication methods with our Infosec Know IT All Trivia. Quiz
-
RSA responds to SecurID attack, plans security token replacement
Following a retooling of its manufacturing and supply chain management processes, RSA plans to replace security tokens for high risk customers. News | 07 Jun 2011
-
Contractor attacks via SecurID tokens fuel call for data security reassessment
Security pros advocate a reassessment of security processes and technologies in the wake of breaches that may be tied to RSA SecurID weaknesses. News | 02 Jun 2011
-
Survey finds users re-evaluating two-factor authentication options
In the wake of the RSA SecurID breach, a vendor survey finds a reduced level of confidence in the security provided by tokens. News | 27 Apr 2011
-
PCI tokenization push promising but premature, experts say
Merchants see value in the technology helping to reduce the scope of a PCI assessment, but a lack of standards and complexity issues are a cause for concern. Article | 04 Mar 2010
-
First Data, RSA push tokenization for payment processing
The encryption-token service could compete against vendors offering format preserving encryption to secure payment transactions. Article | 22 Sep 2009
-
RSA researcher Ari Juels: RFID tags may be easily hacked
Ari Juels, chief scientist and director of RSA Laboratories, is one of the world's foremost cryptographers. He is well-known for his research and publications on biometric security, RFID security and privacy, electronic voting, browser security, comb... Interview | 23 Apr 2009
-
Portable security storage device could replace OTP devices
A new USB-like device, hardened with security features, could overtake one-time password devices and give end users flash memory to carry around encrypted data. Article | 16 Mar 2009
-
Kerberos: Authentication with some drawbacks
Kerberos is one of the most-widely used authentication methods today, but experts explain that it comes with some weaknesses. Article | 02 Apr 2008
-
Video: Changes ahead for MIT Kerberos Consortium
MIT's Kerberos Consortium members discuss the evolution of Kerberos, changes ahead for the widly used authentication platform and the issues that threaten its future. Article | 02 Apr 2008
-
Q&A with RSA Security's Art Coviello
This year's RSA Conference will be unlike any other in the past 16 years. RSA Security is now a division of storage and data management giant EMC, thanks to a $2.1 billion acquisition in July, just another indicator of how quickly and dramatically th... Interview | 17 Jan 2008
- See More: News on Security Token and Smart Card Technology
-
Secure tokens: Preventing two-factor token authentication exploits
What are the most common attacks against two-factor authentication, and how can you protect against them? Expert Nick Lewis weighs in. Tip
-
SMS two-factor authentication for electronic identity verification
Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones. Tip
-
Are 'strong authentication' methods strong enough for compliance?
If multifactor authentication is so great, why hasn't it replaced the password? Michael Cobb reviews the hype surrounding strong authentication. There are more drawbacks than you think. Tip
-
Security token and smart card authentication
Get advice on how to mitigate data theft from hackers with security token and smart card authentication technology, smart card readers and software. Tip
-
Smart card deployment: How to know if it's smart for your enterprise
Smart cards are an efficient way to combine credentialing for logical and physical access, but the implementation process isn't easy. In this tip, contributor Joel Dubin discusses multiple aspects of smart card installation and deployment, and unveil... Tip
-
Preparing for integrated physical and logical access control: The common authenticator
In an enterprise setting, who wouldn't want a simple, single credential that provides entry to the office building, access to corporate resources and proper management of the user life cycle? Not so fast, says analyst and contributor Mark Diodati. Im... Tip
-
Compliance benefits of tokenization
If your organization handles credit card data, then it's probably already heard about the benefits of tokenization. However, as Joel Dubin explains, tokenization not only keeps confidential data out of the hands of malicious hackers, but also offers ... Tip
-
How to choose the right smart card
The ISO 7816 form factor is the most commonly deployed smart card in the enterprise, but it's not always the best option. As Burton Group's Mark Diodati explains, those looking for desktop simplicity and lower costs may want to consider an alternativ... Tip
-
One-time password tokens: Best practices for two-factor authentication
In this tip, Joel Dubin examines how to physically secure one-time password tokens and how to properly implement them to provide effective two-factor authentication. Tip
-
Biometrics: Best practices, future trends
Biometrics products are improving, but they still require careful consideration and planning before implementation. In this tip, ID and access management expert Joel Dubin reviews some best practices and pitfalls to watch out for. Tip
- See More: Tips on Security Token and Smart Card Technology
-
Smart card security: Disable a lost smart card and track with GPS?
Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation. Ask the Expert
-
Electronic access control system and biometrics authentication
Biometrics authentication and an electronic access control system can be closely related, but they're not the same thing. In this IAM expert response, Randall Gamby explains the difference. Ask the Expert
-
The pros and cons of implementing smart cards
Most infosec pros agree that smart cards create a higher level of enterprise security than passwords alone. Learn how to weigh the pros and cons of smart cards to know if they're right for your enterprise? Ask the Expert
-
How to log in to multiple servers with federated single sign-on (SSO)
Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for access control. Learn how from expert Randall Gamby. Ask the Expert
-
Can you combine RFID tag technology with GPS to track stolen goods?
When laptops or smartphones are stolen, retrieving them can mean the difference between a data breach a close call. Learn if it's possible to combine RFID tag technology with GPS devices for tracking stolen goods to their exact location, and if so ho... Ask the Expert
-
What should an enterprise look for in a password token and a vendor?
One-time password (OTP) tokens can aid data security by creating another layer of authentication. In this identity and access management expert response, learn which OTPs are the most secure. Ask the Expert
-
Are smart cards insecure if Mifare Classic RFID encryption is cracked?
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access management expert Joel Dubin explains. Ask the Expert
-
What are good features to look for in access control software?
When supporting environments with HID card readers and proxy cards, what qualities should control access software have? Identity and access management expert Joel Dubin weighs in on software and implementation best practices. Ask the Expert
-
What techniques are being used to hack smart cards?
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers. Ask the Expert
-
What are the dangers of using radio frequency identification (RFID) tags?
In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves. Ask the Expert
- See More: Expert Advice on Security Token and Smart Card Technology
-
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Definition
-
national identity card
A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of Septem... Definition
-
authentication server
An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Definition
-
key string
A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network. Definition
-
key chain
A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each ... Definition
-
Chameleon Card
The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned. Definition
-
two-factor authentication
Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. Definition
-
key fob
A key fob is a type of security token: a small hardware device with built-in authentication mechanisms. Definition
-
security token (authentication token)
A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service. Definition
-
smart card
A smart card is a plastic card about the size of a credit card, with an embedded microchip that can be loaded with data, used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for additional use.... Definition
-
Gartner’s Neil MacDonald on RSA, APT and the social engineering threat
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat. Video
-
Best Authentication Products 2011
null
-
Secure tokens: Preventing two-factor token authentication exploits
What are the most common attacks against two-factor authentication, and how can you protect against them? Expert Nick Lewis weighs in. Tip
-
Gartner’s Neil MacDonald on RSA, APT and the social engineering threat
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat. Video
-
RSA responds to SecurID attack, plans security token replacement
Following a retooling of its manufacturing and supply chain management processes, RSA plans to replace security tokens for high risk customers. News
-
Contractor attacks via SecurID tokens fuel call for data security reassessment
Security pros advocate a reassessment of security processes and technologies in the wake of breaches that may be tied to RSA SecurID weaknesses. News
-
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Definition
-
Survey finds users re-evaluating two-factor authentication options
In the wake of the RSA SecurID breach, a vendor survey finds a reduced level of confidence in the security provided by tokens. News
-
national identity card
A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of Septem... Definition
-
SMS two-factor authentication for electronic identity verification
Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones. Tip
-
Understanding tokenization amid PCI encryption requirements
This mini learning guide offers a brief introduction to tokenization technology, as well as PCI DSS encryption requirements. Learn more about the future of tokenization and how the technology may help to ease PCI DSS compliance burdens. Learning Guide
- See More: All on Security Token and Smart Card Technology
About Security Token and Smart Card Technology
Get tips on how to use security tokens and smart card technology for secure user authentication. This resource defines what a smart card is, and provides information on deployment, smart card writers and readers and software.