Security Management Strategies for the CIO
Email Alerts
-
Deep dive into authentication methods and best practices
Is your token authentication vulnerable to exploit or attack? In this handbook, discover how to lock down two-factor authentication methods in the enterprise. Then, we look at authentication methods such as two-factor tokens, biometrics and cloud-ba... E-Handbook
-
An expert guide to tokenization and using it effectively
Access this month’s issue to uncover the latest tokenization trends (including, payment card data security, tokenization as a service, as well as protecting PII data) and explore how this revived technology not only offers enhanced data protection, b... E-Zine
-
Best Authentication Products 2011
Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart cards. Guide
-
Understanding tokenization amid PCI encryption requirements
This mini learning guide offers a brief introduction to tokenization technology, as well as PCI DSS encryption requirements. Learn more about the future of tokenization and how the technology may help to ease PCI DSS compliance burdens. Learning Guide
-
Future authentication technologies: How to choose the right product
In this lesson in SearchSecurity.com's Identity and Access Management Security School, Burton Group's Mark Diodati explores innovative and cost-effective user-based authentication technologies. Identity and Access Manag
-
Quiz: Next-generation authentication
A five-question multiple-choice quiz to test your understanding of the content presented by expert Mark Diodati in this lesson of SearchSecurity.com's Identity and Access Management Security School. Quiz
-
Spy vs. Spy
Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day. Book Chapter
-
Lesson/Domain 2 -- Security School: Training for CISSP Certification
SearchSecurity.com Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge." School
-
Infosec Know IT All Trivia: Authentication
Test your knowledge of authentication methods with our Infosec Know IT All Trivia. Quiz
-
Microsoft acquires multifactor authentication vendor PhoneFactor
Microsoft has purchased the multifactor factor authentication platform vendor for an undisclosed amount. News | 05 Oct 2012
-
RSA responds to SecurID attack, plans security token replacement
Following a retooling of its manufacturing and supply chain management processes, RSA plans to replace security tokens for high risk customers. News | 07 Jun 2011
-
Contractor attacks via SecurID tokens fuel call for data security reassessment
Security pros advocate a reassessment of security processes and technologies in the wake of breaches that may be tied to RSA SecurID weaknesses. News | 02 Jun 2011
-
Survey finds users re-evaluating two-factor authentication options
In the wake of the RSA SecurID breach, a vendor survey finds a reduced level of confidence in the security provided by tokens. News | 27 Apr 2011
-
PCI tokenization push promising but premature, experts say
Merchants see value in the technology helping to reduce the scope of a PCI assessment, but a lack of standards and complexity issues are a cause for concern. Article | 04 Mar 2010
-
First Data, RSA push tokenization for payment processing
The encryption-token service could compete against vendors offering format preserving encryption to secure payment transactions. Article | 22 Sep 2009
-
RSA researcher Ari Juels: RFID tags may be easily hacked
Ari Juels, chief scientist and director of RSA Laboratories, is one of the world's foremost cryptographers. He is well-known for his research and publications on biometric security, RFID security and privacy, electronic voting, browser security, c... Interview | 23 Apr 2009
-
Portable security storage device could replace OTP devices
A new USB-like device, hardened with security features, could overtake one-time password devices and give end users flash memory to carry around encrypted data. Article | 16 Mar 2009
-
Kerberos: Authentication with some drawbacks
Kerberos is one of the most-widely used authentication methods today, but experts explain that it comes with some weaknesses. Article | 02 Apr 2008
-
Video: Changes ahead for MIT Kerberos Consortium
MIT's Kerberos Consortium members discuss the evolution of Kerberos, changes ahead for the widly used authentication platform and the issues that threaten its future. Article | 02 Apr 2008
- See more News on Security Token and Smart Card Technology
-
Secure tokens: Preventing two-factor token authentication exploits
What are the most common attacks against two-factor authentication, and how can you protect against them? Expert Nick Lewis weighs in. Tip
-
SMS two-factor authentication for electronic identity verification
Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones. Tip
-
Are 'strong authentication' methods strong enough for compliance?
If multifactor authentication is so great, why hasn't it replaced the password? Michael Cobb reviews the hype surrounding strong authentication. There are more drawbacks than you think. Tip
-
Security token and smart card authentication
Get advice on how to mitigate data theft from hackers with security token and smart card authentication technology, smart card readers and software. Tip
-
Smart card deployment: How to know if it's smart for your enterprise
Smart cards are an efficient way to combine credentialing for logical and physical access, but the implementation process isn't easy. In this tip, contributor Joel Dubin discusses multiple aspects of smart card installation and deployment, and unveil... Tip
-
Preparing for integrated physical and logical access control: The common authenticator
In an enterprise setting, who wouldn't want a simple, single credential that provides entry to the office building, access to corporate resources and proper management of the user life cycle? Not so fast, says analyst and contributor Mark Diodati. Im... Tip
-
Compliance benefits of tokenization
If your organization handles credit card data, then it's probably already heard about the benefits of tokenization. However, as Joel Dubin explains, tokenization not only keeps confidential data out of the hands of malicious hackers, but also offers ... Tip
-
How to choose the right smart card
The ISO 7816 form factor is the most commonly deployed smart card in the enterprise, but it's not always the best option. As Burton Group's Mark Diodati explains, those looking for desktop simplicity and lower costs may want to consider an alternativ... Tip
-
One-time password tokens: Best practices for two-factor authentication
In this tip, Joel Dubin examines how to physically secure one-time password tokens and how to properly implement them to provide effective two-factor authentication. Tip
-
Biometrics: Best practices, future trends
Biometrics products are improving, but they still require careful consideration and planning before implementation. In this tip, ID and access management expert Joel Dubin reviews some best practices and pitfalls to watch out for. Tip
- See more Tips on Security Token and Smart Card Technology
-
Smart card security: Disable a lost smart card and track with GPS?
Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation. Ask the Expert
-
Electronic access control system and biometrics authentication
Biometrics authentication and an electronic access control system can be closely related, but they're not the same thing. In this IAM expert response, Randall Gamby explains the difference. Ask the Expert
-
The pros and cons of implementing smart cards
Most infosec pros agree that smart cards create a higher level of enterprise security than passwords alone. Learn how to weigh the pros and cons of smart cards to know if they're right for your enterprise? Ask the Expert
-
How to log in to multiple servers with federated single sign-on (SSO)
Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for access control. Learn how from expert Randall Gamby. Ask the Expert
-
Can you combine RFID tag technology with GPS to track stolen goods?
When laptops or smartphones are stolen, retrieving them can mean the difference between a data breach a close call. Learn if it's possible to combine RFID tag technology with GPS devices for tracking stolen goods to their exact location, and if so ho... Ask the Expert
-
What should an enterprise look for in a password token and a vendor?
One-time password (OTP) tokens can aid data security by creating another layer of authentication. In this identity and access management expert response, learn which OTPs are the most secure. Ask the Expert
-
Are smart cards insecure if Mifare Classic RFID encryption is cracked?
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access management expert Joel Dubin explains. Ask the Expert
-
What are good features to look for in access control software?
When supporting environments with HID card readers and proxy cards, what qualities should control access software have? Identity and access management expert Joel Dubin weighs in on software and implementation best practices. Ask the Expert
-
What techniques are being used to hack smart cards?
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers. Ask the Expert
-
What are the dangers of using radio frequency identification (RFID) tags?
In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves. Ask the Expert
- See more Expert Advice on Security Token and Smart Card Technology
-
smart label
A smart label is a slip of paper, plastic or other material on a product that contains an RFID tag in addition to bar code data. Definition
-
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Definition
-
national identity card
A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of Septe... Definition
-
authentication server
An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Definition
-
key string
A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network. Definition
-
key chain
A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each ... Definition
-
Chameleon Card
The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned. Definition
-
two-factor authentication
Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. Definition
-
key fob
A key fob is a type of security token: a small hardware device with built-in authentication mechanisms. Definition
-
security token (authentication token)
A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service. Definition
- See more Definitions on Security Token and Smart Card Technology
-
Secure authentication trends: Cloud biometrics, next-generation authentication
In this video, Ant Allan discusses secure authentication trends, including next-generation authentication options and cloud biometrics possibilities. Video
-
RSA SecurID attack, social engineering threat analysis from Gartner's Neil MacDonald
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat. Video
-
smart label
A smart label is a slip of paper, plastic or other material on a product that contains an RFID tag in addition to bar code data. Definition
-
Microsoft acquires multifactor authentication vendor PhoneFactor
Microsoft has purchased the multifactor factor authentication platform vendor for an undisclosed amount. News
-
Deep dive into authentication methods and best practices
Is your token authentication vulnerable to exploit or attack? In this handbook, discover how to lock down two-factor authentication methods in the enterprise. Then, we look at authentication methods such as two-factor tokens, biometrics and cloud-ba... E-Handbook
-
Secure authentication trends: Cloud biometrics, next-generation authentication
In this video, Ant Allan discusses secure authentication trends, including next-generation authentication options and cloud biometrics possibilities. Video
-
An expert guide to tokenization and using it effectively
Access this month’s issue to uncover the latest tokenization trends (including, payment card data security, tokenization as a service, as well as protecting PII data) and explore how this revived technology not only offers enhanced data protection, b... E-Zine
-
Best Authentication Products 2011
Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart cards. Guide
-
Secure tokens: Preventing two-factor token authentication exploits
What are the most common attacks against two-factor authentication, and how can you protect against them? Expert Nick Lewis weighs in. Tip
-
RSA SecurID attack, social engineering threat analysis from Gartner's Neil MacDonald
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat. Video
-
RSA responds to SecurID attack, plans security token replacement
Following a retooling of its manufacturing and supply chain management processes, RSA plans to replace security tokens for high risk customers. News
-
Contractor attacks via SecurID tokens fuel call for data security reassessment
Security pros advocate a reassessment of security processes and technologies in the wake of breaches that may be tied to RSA SecurID weaknesses. News
- See more All on Security Token and Smart Card Technology
About Security Token and Smart Card Technology
Get tips on how to use security tokens and smart card technology for secure user authentication. This resource defines what a smart card is, and provides information on deployment, smart card writers and readers and software.