Certificate based authentication


  • Why a healthcare SSO platform is a must-have

    By using the single-sign on product installed at their workplace, healthcare professionals can quickly log on to multiple applications without much hassle.Continue Reading

  • Readers' top picks for DLP products

    The companies and DLP products that organizations consider, when they seek to address compliance and data security requirements across multiple platforms and environments.Continue Reading

  • Ask the expert: Encryption is key for a HIPAA covered entity

    David Reis, CISO at Lahey Hospital & Medical Center, discusses important steps a healthcare organization, as a HIPAA covered entity, should take to remain compliant.Continue Reading

  • The business case for vulnerability management tools

    Expert Ed Tittel describes business use cases for vulnerability management tools and examines how organizations of all sizes benefit from these products.Continue Reading

  • How to handle a data breach: Managing public perception

    When your organization plans out how to handle a data breach, managing public perception should be given special consideration. One piece of advice: Don't play the victim.Continue Reading

  • Eight-step data breach plan for the IT organization

    A data breach plan that addresses the many variations a hack can take should consider these eight points.Continue Reading

  • How to handle a data breach: Managing public perception

    When your organization plans out how to handle a data breach, managing public perception should be given special consideration. One piece of advice: Don't play the victim.Continue Reading

  • GDPR: How will the EU data protection law impact U.S. industry?

    Three years in the making, European Union officials finally agreed on a draft of the General Data Protection Regulation. The EU-wide legal framework sets standards for data collection, sharing and ...Continue Reading

  • IT security measures obstruct operational efficiency

    While companies go to great lengths to enlist IT security measures, the reality is they block business productivity.Continue Reading

  • Data protection requirements start with firm grasp of GRC needs

    Corporate data protection requirements are complex, but determining a company's unique GRC needs is an essential first step to information security.Continue Reading

  • What data breach notification policy should enterprises follow?

    A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best practices.Continue Reading

  • How to identify and handle potential cloud security breaches

    With the increasing popularity of the cloud over traditional data centers, it's important to be aware of some of the potential risks of cloud computing.Continue Reading

  • Mastering the cloud contract

    Cynthia Nustad recalls a time not that long ago when businesses didn't have much flexibility in negotiating contracts with cloud providers. "Maybe you could negotiate on price or add-ons, but the core service was pretty vanilla and hardened," said the CIO at HMS, a healthcare management services company. Back then, agreements that had the provider assuming part of the risk in the event of a breach were a no-go. Today, however, things have markedly changed. The rapid growth of cloud computing has given IT leaders an edge when it comes to negotiating a cloud contract.

    In this issue of CIO Decisions, get advice from CIOs and experts on how to procure more safeguards and custom features in your cloud contract that address your business needs. Also in this issue, we walk through UPS' journey from analog to digital business; outline common mistakes companies make when implementing hybrid cloud; take a look at what's under the hood of Etsy's business model; talk to former McCormick CIO Jerry Wolfe about how the spice company is using its platform business model to shake up the food industry; and examine why getting the most out of knowledge workers today requires "Supportive Leadership."Continue Reading

  • The best endpoint security approach in this interconnected age

    Some endpoint security suites have reached a level where they create almost all the capabilities of an enterprise in microcosm. New emphasis has been placed on protections that don't depend on traditional static scanning, but how well are these various approaches (whitelisting, sandboxing and so on) working out? And could the cloud possibly be the best endpoint security solution in today's mobile age? This handbook looks at the current state of endpoint protection and offers tips on how to best ensure endpoint security in the future.

    SearchSecurity contributors examine the question of how best to secure endpoints, and provide actionable advice. Karen Scarfone questions the all-too-common assumption that using the cloud undermines security, and also outlines specific ways in which cloud-based tools can be useful in improving endpoint security. In a separate chapter, Scarfone considers whether the best endpoint security is achieved by combining tools and methods -- that is, by using an endpoint security suite. Ed Tittel focuses on the threat to endpoint security from malware and how antimalware tools can beef up defenses, offering scenarios that show how antimalware products work to secure endpoints.Continue Reading

  • Azure AD PowerShell supports MFA to protect authentication

    The preview of the Azure AD PowerShell module flexes its muscles by supporting MFA and device management.Continue Reading