Randall Gamby is the enterprise security architect for a Fortune 500 insurance and finance company. Prior to this position he was an analyst for the Burton Group, working in its Security and Risk Management Services group. His coverage areas included secure messaging, security infrastructure, identity and access management, security policies and procedures, credential services, and regulatory compliance.

Prior to joining Burton Group, Randall was a senior consultant and infrastructure designer for Fortune 500 companies, global organizations, and federal governments, developing integrated systems for enterprise, national and worldwide deployments. With 20 years of experience, Randall is a founding participant in OSI communications development and was a representative for McDonnell Douglas Corporation (now Boeing Aerospace) in the Aerospace Industries Association, which worked for standardized interoperation between aerospace organizations and the U.S. Government.

1. Penetrating a biometric security system
In this Ask the Expert Q&A, our identity and access management expert takes a closer look at the strengths and weaknesses of a biometric security system.

2. Hacking smart cards and biometric security systems
In this Ask the Expert Q&A, our identity and access management guru explains how biometrics and smart cards can be fooled.

3. Managing internal network devices
In this Ask the Expert Q&A, our expert explains how tokens can be used to manage an internal network. Also learn best practices for implementing this management system.

4. What is two-factor authentication?
In this Ask the Expert Q&A, our identity and access management expert explains what two-factor authentication is and how it protects you from hackers.

5. What is single sign-on?
Learn what single sign-on is and how it can help save your enterprise time and money.

6. How to store and protect captured data on the back end of a biometric application
In this Ask the Expert Q&A, our identity and access management guru discusses how to store and protect biometric data that is placed on database servers.

7. Authentication Header vs. IKE
In this Ask the Expert Q&A, Joel Dubin discusses how and when the Authentication Header encryption protocol is used.

8. How to create a secure password system
In this Ask the Expert Q&A, Joel Dubin examines the security risks associated with using a password system that includes employee identifiers.

9. P2P availability, confidentiality and authentication vulnerabilities
Learn tactics you can employ to reduce common P2P vulnerabilities.

10. How to protect a LAN from unauthorized access
In this Ask the Expert Q&A, web access control guru Joel Dubin outlines steps to take to protect a LAN.

11. How IPsec and SSL/TLS use symmetric and asymmetric encryption
In this Ask the Expert Q&A, our identity and access management expert explains how IPsec and SSL/TLS use these two authentication methods to establish secure Web sessions.

12. How Kerberos, PKI and IPsec interoperate
In this Ask the Expert Q&A, our identity and access management expert explains how these three unrelated systems interoperate to authenticate and manage digital certificates.

13. Verifying legitimate help desk requests
Learn how to defeat social engineers, and the measures help desk staff should take to protect the network after password resets.

14. How an attacker cracks a symmetric key-based system
Learn how an attacker cracks a symmetric key-based system.

15. Fingerprinting logon techniques
Learn how to personalize or replace the Windows 2000 logon prompt with fingerprint login techniques, in this identity and access management Q&A.

16. How to create stronger passwords
Learn how password crackers work, six ways you can create stronger passwords and two ways you can avoid the risks of password cracking.

17. How to build a user registration form
Learn how to build a secure user registration form, and some general Web-based system guidelines to guide you through the process.

18. Changing user IDs and passwords
Learn why organizations should limit the number of username changes, in this identity and access management ATE Q&A.

19. Synching passwords between an iSeries and Windows network
Learn whether it is possible to synch passwords between an iSeries and a Windows network, and whether there is a way to synch passwords between multiple iSeries, in this Ask the Expert Q&A.

20. Complying with SOX 404
Learn how SOX compliance regulations can affect logon policies and procedures, and how a thorough risk analysis can help administrators keep their default accounts.

21. Bingo card authentication systems
In this Ask the Expert Q&A, our identity and access management expert explains what a "bingo" card authentication system is, how it works and how secure it is.

22. Dealing with passwords that can't authenticate to the server
Learn how to deal with passwords that can't authenticate to the server, and where to find resources that will help you troubleshoot this problem.

23. How to securely distribute one-time password tokens
In this Ask the Expert Q&A, our identity and access management expert examines how to properly distribute one-time password (OTP) tokens to your employees so they don't leave your systems open to an attack.

24. How to detect rogue DHCP servers, routers and NICs on a network
In this Ask the Expert Q&A, our identity and access management expert identifies techniques and tools that help detect rogue DHCP servers, routers and network interface cards on a network.

25. Securing Web logins
In this identity and access management Ask the Expert Q&A, our expert outlines best practices and techniques for securing Web logins.

26. Password authentication resources
Learn where you can find literature regarding the need for stronger password authentication, in this Ask the Expert Q&A.

27. How SSOs differ from login and passwords
Learn how SSO systems and login and passwords differ, and which systems are more likely to be exploited and why, in this Ask the Expert Q&A.

28. How PKI systems work
Learn how PKI systems work and whether there are any potential user problems enterprises should be aware of.

29. How hackers can bypass two-factor authentication systems
In this Ask the Expert Q&A, Joel Dubin, our identity and access management expert, discusses whether network systems can still be exploited if they are protected by two-factor authentication systems.

30. Authentication controls for systems using e-signatures
In this Ask the Expert Q&A, Joel Dubin, our identity and access management expert, examines various authentication controls for systems using e-signatures, and weighs the pros and cons of each.

31. Data integrity authentication schemes
In this Ask the Expert Q&A, Joel Dubin, our identity and access management expert, examines various data integrity authentication schemes.

32. Should an organization design and use their own Certification Authority?
While using a unique Certification Authority may improve an organization's defense-in-depth strategy, using a commercial CA might save you time and money in the long run. Weigh the pros and cons of each, in this Ask the Expert Q&A.

33. The pros and cons of PKI and two-factor authentication methods
There are myriad authentication methods to choose from today; learn the pros and cons of two such methods, Public Key Infrastructures and two-factor authentication systems, and how each system helps validate user identities, in this identity and access management Ask the Expert Q&A.

34. Are smart cards tamper-proof?
While choosing to use smart cards to authenticate users may seem like the smart move, know that they are not tamper-proof. Discover what industry standards are available to protect your organization if your smart cards are tampered with.

35. Should employees have local admin rights?
While it may save you time, granting users local administrator rights also puts your organization at risk. Discover why this practice is considered a risk and learn alternate access control methods you can use to safeguard your organization.

36. How to manage user permissions
Managing multiple user permissions can be a daunting task. Learn best practices for managing these permissions, including service account passwords, granting local admin access, permissions for files and shares and other access-related requests, in this identity and access management Q&A.

37. How to clean up dormant accounts in Active Directory
Inactive or dormant Active Directory accounts can serve as a gateway for attackers. Learn how to identify and clean up inactive Active Directory accounts in this Identity Management and Access Control Ask the Expert Q&A.

38. How to improve Web access controls
Wish your enterprise provided more granular Web access to specific users? Learn how to do so by augmenting proxy servers or firewalls with a Web filtering appliance, in this identity management and access control Ask the Expert Q&A.

39. Password-protecting removable media devices
Safeguard your removable devices. Learn if any products can password-protect the entire device without requiring that the individual connections are encrypted, in this identity management and access control Q&A.

40. One-time password tokens: Reliable authentication mechanisms?
Thinking of purchasing a key fob? Read this identity management and access control Ask the Expert Q&A, and learn from our expert as he examines the pros and cons of this authentication tool.

41. Should we use biometric authentication devices?
Are more companies using biometrics? SearchSecurity's resident identity management and access control expert tackles this question and reviews five fundamental barriers that may limit the growth of biometric authentication.

42. Risk-based authentication vs. static authentication
How do risk-based authentication methods differ from static authentication methods? SearchSecurity's resident identity management and access control expert tackles this question in this Ask the Expert Q&A.

43. What is federated identity management?
A SearchSecurity.com member asks, "What is federated identity management?" Resident identity management and access control expert Joel Dubin tackles this question in this Ask the Expert Q&A.

44. What steps are involved in assessing risk?
In this identity management and access control Ask the Expert Q&A, SearchSecurity's resident expert reviews the processes involved when conducting a risk assessment.

45. RFID tags: Do they have a secure future?
RFID tags, an automatic identification method, can be useful, but do they have a future? In this Identity Management and Access Control Ask the Expert Q&A, resident expert Joel Dubin explains how RFID tags work and discusses the future of this technology.

46. Extending SSO outside the company: Is it worth the risk?
Thinking of extending SSO outside your company? Read this Identity Management and Access Control Ask the Expert Q&A. Resident expert Joel Dubin examines its potential risks and what organizations can do to prevent malicious access to their network systems.

47. SSO: What verticals are further ahead in deploying this authentication mechanism?
In this Identity Management and Access Control Q&A, our resident expert reviews why the SSO marketplace tends to be vertically integrated and discusses what may occur as SSO shifts to smaller organizations.

48. How does single sign-on affect compliance efforts?
In this Identity Management and Access Control Ask the Expert Q&A, resident expert Joel Dubin examines how using single sign-on influences enterprise-wide compliance efforts.

49. Which public key algorithm is used for encrypting emails?
Although PGP and S/MIME both use public key encryption, expert Joel Dubin explains PGP's and S/MIME's distinct approaches to e-mail encryption.

50. How should we use Microsoft's Personal Storage Manager power tool?
Microsoft pulled its Personal Storage Manager power tool at the last minute. In this Ask the Expert Q&A, Identity Management and Access Control expert Joel Dubin addresses Microsoft's growing interest in encryption and explains the risks of using withdrawn programs.

51. How should we distribute our unique firewall password to our clients?
Expert Joel Dubin outlines a company's options for distributing firewall passwords to a network of clients.

52. What are the best authentication tools for locking down a laptop?
Stolen laptops continue to be a troublesome issue for businesses. In this Identity Management and Access Control Ask the Expert Q&A, Joel Dubin reviews the best available authentication and encryption tools for securing company laptops.

53. What components should an application security management system (ASMS) have?
Is there one product that will solve all of your ASMS needs? Maybe not, but Identity Management and Access Control expert Joel Dubin reviews the three components that should be included in any application security management system, in this Ask the Expert Q&A.

54. How to safely issue passwords to new users
In this Ask the Expert Q&A, our identity management and access control expert Joel Dubin offers tips on safe password distribution, and reviews the common mistakes that help desks and system administrators make when issuing new passwords.

55. Can a security administrator be granted exclusive access to a Windows 2000 security log?
A security manager can gain exclusive access to Windows 2000 security logs and allow limited access to his or her support staff, but not without complicating the security process. SearchSecurity.com's identity management and access control expert, Joel Dubin, explains the accessibility options of Windows 2000 security logs.

56. How do local identity, SSO and federated identity management models differ?
In many organizations, users have several applications that they need to log on to, each requiring distinct user IDs and passwords. In our expert Q&A, Joel Dubin explains how federated identity management and single sign-on can provide convenient solutions.

57. What are the criteria for a strong authentication system?
In this Q&A, identity management and access control expert Joel Dubin examines what components are necessary to create any secure authentication system.

58. Should an enterprise change administrator rights to accommodate new users?
Giving admin rights to users can put your business data at risk. In our expert Q&A, Joel Dubin reviews what to consider before insisting upon such permissions.

59. How do role-based access control methods authorize user accounts?
In this expert Q&A, Joel Dubin demonstrates how to authorize groups using role-based access control (RBAC).

60. Access control management strategy essentials
In our expert Q&A, Joel Dubin reviews essential components of an access management strategy and reveals how to deliver the plan to executives.

61. How to begin identity management and access control implementation
Looking to build an identity management and access control program from scratch? In this expert Q&A, Joel Dubin explains what you'll need to do first.

62. What available management software can centralize access control to Web applications?
Unifying access to a diverse set of Web applications can be a challenge. In our expert Q&A, Joel Dubin recommends products that can provide centralized access management.

63. What tools can limit users' access to applications and network resources?
In this expert Q&A, Joel Dubin explains how SSL VPNs can limit outsider access to applications and network resources.

64. How will HSPD-12 affect authentication?
HSPD-12, signed in 2004, has called for standardized access to government facilities. In this expert Q&A, Joel Dubin reviews the mandate and states how it could impact today's authentication methods.

65. Can single sign-on (SSO) provide authentication for remote logons?
If you're accessing multiple applications through a remote Citrix server, you have two options. Identity management and access control expert Joel Dubin explains both in this SearchSecurity.com Q&A.

66. Will biometric authentication replace the password?
Some security observers say user IDs and passwords are obsolete and can be easily cracked, but that doesn't mean you should fire up biometric authentication projects just yet. In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin explains why enterprises are still holding back on biometrics.

67. Is a privacy seal useful for an ecommerce Web site?
Can a privacy seal protect your ecommerce Web site, or is it just a useful marketing tool? In this expert Q&A, identity management and access control expert Joel Dubin explains how well privacy seals actually protect a site's customer data.

68. How does a privacy seal protect an ecommerce Web site?
Can a privacy seal protect your ecommerce Web site, or is it just a useful marketing tool? In this expert Q&A, identity management and access control expert Joel Dubin explains how well privacy seals actually protect a site's customer data.

69. What should be considered when purchasing an authentication product?
With one-time tokens, smart cards and biometrics being only a few of the many available authentication products, it's often difficult for an enterprise to select which tools are most appropriate. Luckily, in this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin reveals which questions need to be asked and answered before buying an authentication product.

70. What is the harm in removing a credit card's RFID chip?
If you're concerned that a credit card's RFID chip is putting your personal data at risk, why not just drill the darn thing out? Not so fast, says Joel Dubin. In this SearchSecurity.com Q&A, the identity management and access control expert explains some other options.

71. Will the costliness of PKI architectures prevent their growth?
Implementing a public key infrastructure takes time and money, leaving some wondering if PKI technologies will continue to grow. In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin explains what's keeping PKI in the authentication game.

72. How to implement IIS authentication settings
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin reviews how to set IIS authentication permissions and allow open access to Web sites hosted on the server.

73. What are the best ways to block proxy server sites?
Proxy services allow employees to view unauthorized content, but the proxies themselves and the sites that list them are tricky to detect. In this SearchSecurity.com Q&A, learn how some content monitoring tools can help block proxy server sites.

74. Can content management tools customize access request forms?
Still using a paper system for access requests? In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin explains which content management tools can customize your Web-based forms.

75. Can ADFS technology manage multiple-user authentication?
In this SearchSecurity.com Q&A, Joel Dubin, expert in identity management and access control, addresses multiple aspects of ADFS systems, including the technology's ability to authenticate multiple users to a Web application.

76. Which private keys and public keys can create a digital signature?
Identity management and access control expert Joel Dubin explains how a digital signature can help manage electronic documents.

77. How should termination procedures address a user's multiple roles?
In this SearchSecurity.com Q&A, expert Joel Dubin explains how the right access management tools can eliminate all traces of a terminated employee.

78. Using privacy filters to guard computer screens
In this SearchSecurity.com Q&A, security expert Joel Dubin offers different methods for protecting your computer screen from roaming eyes.

79. How to verify FIPS 140-2 compliance
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses several ways to verify that Federal Information Processing Standard 140-2 is being enforced.

80. How secure is the Chip and PIN card system?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the Chip and PIN card system and examines whether or not it would be productive in the United States.

81. Is a digital watermark a legitimate authentication factor?
Identity management and access control expert Joel Dubin explores how reliable a digital watermark is when acting as an authentication factor.

82. What is the purpose of CAPTCHA technology?
In this SearchSecurity.com expert response, Joel Dubin defines CAPTCHA technology and discusses its purpose.

83. Are knowledge-based authentication systems doing more harm than good?
In this SearchSecurity.com Q&A, security expert Joel Dubin examines whether the password security policies used in knowledge-based authentication systems are doing more harm than good.

84. Choosing the right public key algorithm: RSA vs. Diffie-Hellman
In this SearchSecurity.com expert response, Joel Dubin explores two different public key encryption algorithms and discusses how to make the right choice for your information security needs.

85. Is there an identity management software product for audit and analysis?
In this SearchSecurity.com Q&A, security expert Joel Dubin identifies the several identity management auditing tools on the market, and discusses which products best suit your needs in terms of regulatory compliance and network access control.

86. Creating a personal digital certificate
In this SearchSecurity.com expert Q&A, identity management and access control pro Joel Dubin discusses the pros and cons associated with creating a personal digital certificate.

87. What's the best way to verify client authentication across unrelated Web servers?
In this SearchSecurity.com Q&A, security expert Joel Dubin reveals how clustering can verify client authentication across unrelated servers.

88. How to test an enterprise single sign-on login
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin examines the best ways to test an enterprise single sign-on (SSO) login.

89. Is the use of digital certificates with passwords considered two-factor authentication?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin identifies the factors that contribute to two-factor authentication, such as smart cards and digital certificates.

90. Is there any policy or regulation to help protect biometric data?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin examines how authentication credentials, such as biometric data, are in need of more protection from current regulations such as SOX, GLBA and HIPAA.

91. What are the best security practices for securing sensitive data on PDAs?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses several ways of securing sensitive data on PDAs, such as establishing an acceptable use policy and practicing data encryption.

92. Should void user IDs be preserved in an audit history?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin explains how inadequate management of user access can result in compliance violations and information security threats for a corporation.

93. What are the potential risks of giving remote access to a third-party service provider?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the potential risks involved with providing remote access to a third-party service provider.

94. What challenges arise when designing a logging mechanism for peer-to-peer networks?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses how to track a peer-to-peer network by using open source security tools.

95. What are the risks of turning off pre-boot authentication?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the dangers associated with turning off pre-boot authentication (PBA).

96. Is it safe to use remote access tools to grant system access?
In this SearchSecurity.com Q&A, security expert Joel Dubin discusses remote access tools and examines whether or not these products can have negative effects.

97. What are the PCI DSS compliance benefits of tokenization?
In this SearchSecurity.com Q&A, security expert Joel Dubin defines tokenization and discusses how the technology can help ease the burden of achieving PCI DSS compliance.

98. What risks are associated with biometric data, and how can they be avoided?
In this SearchSecurity.com Q&A, security expert Joel Dubin examines the pros and cons of implementing biometric data and explains how to avoid risks associated with the technology.

99. Are one-time password tokens susceptible to man-in-the-middle attacks?
In this SearchSecurity.com Q&A, security pro Joel Dubin discusses the vulnerabilities of one-time password (OTP) token authentication, including man-in-the-middle attacks.

100. What mistakes are made when implementing enterprise IAM systems?
In this SearchSecurity.com Q&A, security expert Joel Dubin unveils the biggest mistakes made by corporations during identity and access management system implementation, and offers advice on how to avoid them.

101. What are the pros and cons of using keystroke dynamic-based authentication systems?
In this SearchSecurity.com Q&A, security pro Joel Dubin discusses the positive and negative aspects of using keystroke dynamic-based authentication systems.

102. Does single sign-on (SSO) improve security?
In this expert response, security pro Joel Dubin discusses the impact that enterprise single sign-on (SSO) can have on a security program.

103. How do anonymous credentials and selective disclosure certificates affect enterprise IAM?
In this expert response, security pro Joel Dubin defines anonymous credentials and selective disclosure certificates, explains how they work and unveils how these two factors can affect enterprise IAM.

104. Is there a way to bridge physical and logical security without using smart cards or biometrics?
Identity management and access control expert Joel Dubin explains how a corporation can merge physical and logical security without using expensive measures, such as smart cards and biometrics.

105. How should sensitive customer data, such as driver's license information, be handled?
In this Q&A, identity management and access control expert Joel Dubin discusses how to properly protect the personal data on a driver's license.

106. Choosing from the top PKI products and vendors
In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI.

107. Is third-party software the only way to prevent access within a domain group?
Identity management and access control expert Joel Dubin discusses how to prevent administrator access to certain documents within a domain group.

108. How can the combination of biometrics and electrophysiological signals be used for authentication?
Identity management and access control expert Joel Dubin explains the relationship of biometrics and electrophysiological signals, and examines how these two factors create an adequate authentication method.

109. Can tokenization of credit card numbers satisfy PCI requirements?
In this expert response, Joel Dubin discusses whether or not tokenization can meet PCI DSS standards for storing credit card data.

110. What are the dangers of Web-based remote access systems?
Identity management and access control expert Joel Dubin discusses the security risks associated with using Web-based remote access systems, such as LogMeIn and GoToMyPC.

| 111. |
Where did the biometric device come from? |
| In this expert Q&A, security expert Joel Dubin discusses the history of the biometric device, more specifically the fingerprint reader and scanner. |
| URL: |
 |
| 112. |
Best practices for deploying enterprise single sign-on (SSO) |
| In this expert response, Joel Dubin discusses some enterprise single sign-on (SSO) best practices and common obstacles. |
| URL: |
 |
| 113. |
Using fingerprint door locks in a network environment |
| Identity management and access control expert Joel Dubin discusses fingerprint door lock technology, and unveils whether or not they can be controlled through a network. |
| URL: |
 |
| 114. |
Traditional single sign-on (SSO) products versus federated identities |
| Identity management and access control expert Joel Dubin discusses the pros and cons of single sign-on products and federated identities. |
| URL: |
 |
| 115. |
Will enabling Group Policy password settings affect existing user accounts? |
| In this expert response, identity management and access control expert Joel Dubin discusses the affect that Active Directory Group Policy password settings can have on user accounts. |
| URL: |
 |
| 116. |
What type of protections should security question and answer authentication credentials have? |
| Identity management and access control expert Joel Dubin discusses how corporations can secure security question and answer authentication credentials. |
| URL: |
 |
| 117. |
What is the best way to securely change the local administrator password in a domain? |
| Identity management and access control expert Joel Dubin unveils how a corporation can change local administrator accounts and passwords on a domain system. |
| URL: |
 |
| 118. |
Should PKI systems be used for laptop encryption? |
| In this expert response, Joel Dubin discusses the pros and cons of using PKI systems for laptop encryption. |
| URL: |
 |
| 119. |
How can root and administrator privileges of different systems be delegated on one account? |
| In this expert response, Joel Dubin discusses how corporations can manage "superuser" accounts by delegating root and administrator privileges. |
| URL: |
 |
| 120. |
How does identity propagation work? |
| In this expert Q&A, Joel Dubin defines identity propagation and explains how it works. |
| URL: |
 |
| 121. |
Is it secure to use .NET membership class for user authentication? |
| Identity management and access control expert Joel Dubin discusses how .NET membership class can be used as a secure authentication framework. |
| URL: |
 |
| 122. |
How to choose the right biometric security product |
| Identity management and access control expert Joel Dubin discusses the different types of biometric security products on the market today, and offers advice on how you can choose the right biometric product for your organization. |
| URL: |
 |
| 123. |
How to prevent hackers from accessing your router security password |
| In this Q&A, Joel Dubin unveils the best practices for protecting a router security password from compromise. |
| URL: |
 |
| 124. |
What precautions should be taken if biometric data is compromised? |
| In this Q&A, Joel Dubin discusses what precautions to take if corporate biometric data is stolen. |
| URL: |
 |
| 125. |
CardSpace vs. user IDs and passwords |
| Identity management and access control expert Joel Dubin discusses the pros and cons of using CardSpace, and how it compares to a conventional user ID and password system. |
| URL: |
 |
| 126. |
Biometrics vs. biostatistics |
| In this expert response, Joel Dubin examines the differences between biometrics and biostatistics. |
| URL: |
 |
| 127. |
What should an internal support model for identity management look like? |
| In this Q&A, Joel Dubin discusses how to create an internal support model for enterprise access management. |
| URL: |
 |
| 128. |
What are the dangers of using radio frequency identification (RFID) tags? |
| In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves. |
| URL: |
 |
| 129. |
What are the risks of connecting a Web service to an external system via SSL? |
| Security pro Joel Dubin discusses the risks associated with SSL connections, and offers advice on how to avoid them. |
| URL: |
 |
| 130. |
How to conduct an efficient and thorough employee access review |
| In order to meet HIPAA and SOX compliance requirements, an employee access review is necessary. |
| URL: |
 |
| 131. |
Should users set up password expiries in Active Directory? |
| Resetting the Active Directory password is a security best practice. But what happens to current users? |
| URL: |
 |
| 132. |
What are the pros and cons of using stand-alone authentication that is not Active Directory-based? |
| Password management tools other than Active Directory are available, though they may not be the best access control coordinators. |
| URL: |
 |
| 133. |
For a small office, what are the best, least expensive office servers with secure access? |
| Which secure access servers are best for small offices when price is an issue? |
| URL: |
 |
| 134. |
How to prevent hack attacks against smart card systems 
| What are smart cards, and how can the security of a smart card itself be maintained? |
| URL: |
 |
| 135. |
How are biometric signatures more than a fingerprint scanner? |
| How secure are biometric signatures, and what's the best way to keep them from being defeated? Identity and access management expert Joel Dubin explains. |
| URL: |
 |
| 136. |
What is the purpose of RFID identification? |
| RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved? |
| URL: |
 |
| 137. |
How to prevent users from sharing root passwords |
| On a Linux/Unix system, creating user IDs with root privilege who are unable to delete their own system logs is possible with a built-in tool. Identity and access management expert Joel Dubin explains. |
| URL: |
 |
| 138. |
To what exactly would a request for biometric data from an insurance provider pertain? |
| Biometric data serves only to verify identity. Identity and access management expert Joel Dubin explains what an insurance company might want with biometric data. |
| URL: |
 |
| 139. |
Pre-requisites for implementing enterprise single sign-on (SSO) |
| Implementing single sign-on (SSO) in an enterprise involves many security considerations, and there are no universal protocols. Identity and access management expert Joel Dubin gives his advice on implementation. |
| URL: |
 |
| 140. |
What are the benefits of identity managed as a service? |
| How do Software as a Service (SaaS) and IAM interact? Identity and access management expert Joel Dubin weighs in on how to approach the integration of the two. |
| URL: |
 |
| 141. |
What 'picture password' technologies are available for mobile devices? |
| Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel Dubin explains how picture passwords work and how they can be most effective. |
| URL: |
 |
| 142. |
Should a new user have to confirm an email address to gain access? |
| 'Authenticate new user' emails can be helpful tools in preventing spammers from creating a million users that will flood a site. Identity and access management expert Joel Dubin gives advice. |
| URL: |
 |
| 143. |
Can home PCs provide a way for viruses and spyware to enter a corporate LAN? |
| When considering allowing remote access to a corporate LAN, security concerns are paramount, especially when corporate security pros have no control over the home PCs. Learn how to protect the corporate LAN from viruses and spyware. |
| URL: |
 |
| 144. |
What are good features to look for in access control software? |
| When supporting environments with HID card readers and proxy cards, what qualities should control access software have? Identity and access management expert Joel Dubin weighs in on software and implementation best practices. |
| URL: |
 |
| 145. |
Pre-boot biometric user authentication tools and strategies |
| Thinking about implementing biometric fingerprint readers for authentication? Learn what to look for in user authentication tools and how to be sure they're compatible with the OS. |
| URL: |
 |
| 146. |
Is encryption only as good as an organization's password management and access control policies? |
| Is data encryption helpful if a system's root or admin account is hacked? Learn more about this identity and access management dilemma. |
| URL: |
 |
| 147. |
What techniques are being used to hack smart cards? |
| Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers. |
| URL: |
 |
| 148. |
Using batch files for temporary user access to the local admin group |
| When a program that many users need to access requires local admin rights to run, what's the best way to manage user privileges? IAM expert Joel Dubin weighs in on how best to manage user accounts. |
| URL: |
 |
| 149. |
Do the Group Policy Object and 'Password Never Expires' flag interact? |
| How does the Group Policy Object interact with the 'Password Never Expires' flag in Active Directory? Identity and access management expert Joel Dubin explains. |
| URL: |
 |
| 150. |
Best practices for remote management of medical imaging devices |
| Securing externally facing websites, especially those that include sensitive medical information, can be challenging. Learn more about best practices for remote management in this identity and access management expert response. |
| URL: |
 |
| 151. |
Are there efforts to develop a common logging and audit standard? |
| As many people believe a common logging and audit standard is imminent, what steps are being taken to create one? Identity and access management expert Joel Dubin gives his thoughts. |
| URL: |
 |
| 152. |
Are smart cards insecure if Mifare Classic RFID encryption is cracked? |
| The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access management expert Joel Dubin explains. |
| URL: |
 |
| 153. |
What guidelines do you recommend regarding best practices for user provisioning? |
| User provisioning is a very important aspect of information security; taking the steps to do it right can make data that much more secure. Learn best practices from identity and access management expert Joel Dubin. |
| URL: |
 |
| 154. |
How do RFID-blocking passport wallets work? |
| RFID passports can provide quicker passage through customs, but may put sensitive data at risk. Learn about whether RFID-blocking passport wallets can keep personal credentials from being sniffed. |
| URL: |
 |
| 155. |
Is it illegal to ask a fellow employee for his or her password? |
| Password protection is a vitally important piece of data security. In this identity and access management expert response, learn best practices for keeping passwords safe. |
| URL: |
 |
| 156. |
What should an enterprise look for in a password token and a vendor? |
| One-time password (OTP) tokens can aid data security by creating another layer of authentication. In this identity and access management expert response, learn which OTPs are the most secure. |
| URL: |
 |
| 157. |
Users can no longer reach any Microsoft login site. Any ideas? |
| When users can no longer access certain websites, a proxy is most likely the cause. In this identity and access management expert response, learn best practices for managing such proxies. |
| URL: |
 |
| 158. |
Could someone place a rootkit on an internal network through a router? |
| If a hacker gains control of a router and then uploads a new configuration opening ports up for communication, it may be possible to place a rootkit on the internal network. In this IAM expert response, learn how this attack might happen, and how to prevent it. |
| URL: |
 |
| 159. |
User provisioning and SSO for PeopleSoft- and Unix-based products |
| When working with PeopleSoft and Unix, which single sign-on (SSO) vendors offer the most effective products? Learn how to choose an SSO product in this IAM expert response. |
| URL: |
 |
| 160. |
Comparing access control mechanisms and identity management techniques |
| In the IAM world, what's the difference between access control and identity management? This IAM expert response explains how the two relate, as well as some best practices for both access control mechanisms and identity management. |
| URL: |
 |
| 161. |
Options for a mechanical door security system on a server room door |
| After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that can secure your server without breaking the bank. |
| URL: |
 |
| 162. |
Can mutual authentication beat phishing or man-in-the-middle attacks? |
| What's the best way to prevent phishing and man-in-the-middle attacks? IAM expert David Griffeth explains the benefits of mutual authentication over one-way SSL. |
| URL: |
 |
| 163. |
Is it possible to encrypt CDs and DVDs as well as SD cards? |
| Encryption is a necessary technology to keep today's enterprises secure, so it makes sense that companies would want to encrypt as much as possible. But are there products available to encrypt CDs, DVDs and SD cards? IAM expert David Griffeth weighs in. |
| URL: |
 |
| 164. |
Does password sharing in international branches violate SOX? |
| Does password sharing in a company's international branch violate Sarbanes-Oxley compliance? Learn enterprise password management solutions for international companies. |
| URL: |
 |
| 165. |
Should the CTO have domain administrator access? |
| Should a CTO or SVP of technology have domain administrator access? In this identity and access management expert response, learn whose job description should include domain administrator privileges. |
| URL: |
 |
| 166. |
Can any firm or organization get a digital signature certificate? |
| Learn how a firm can obtain a digital signature certificate. Also, learn about several certificate authorities (CA) that manage them. |
| URL: |
 |
| 167. |
Cryptosystem attacks that do not involve obtaining the decryption key |
| When a cryptosystem is attacked, are there more things to look out for than attacks that involve getting the decryption key? Find out more in this IAM expert response. |
| URL: |
 |
| 168. |
Is there a free enterprise-caliber password-management tool? |
| Enterprise-caliber password-management tools can be very expensive. Learn about a few free open source password management tools that can improve IAM at your enterprise. |
| URL: |
 |
| 169. |
Can you combine RFID tag technology with GPS to track stolen goods? |
| When laptops or smartphones are stolen, retrieving them can mean the difference between a data breach and a close call. Learn whether it's possible to combine RFID tag technology with GPS devices to track stolen goods to their exact location, and if so, how much it would cost. |
| URL: |
 |
| 170. |
Employee information security awareness training for new IAM systems |
| When an enterprise gets new IAM systems, training employees on how to interact with the technology is one of the most important aspects of deployment. Learn how to implement employee information security awareness training for new IAM systems and technologies cost effectively using a third-party source. |
| URL: |
 |
| 171. |
What are best practices for secure password distribution after a data breach? |
| After an information security data breach, it might seem like a good idea to create new user IDs and passwords for all employees in the user directory. But is there an easier way to handle the aftermath of a data breach? Find out more in this IAM expert response. |
| URL: |
 |
| 172. |
Learn about enterprise strategy for server virtualization single sign-on |
| Virtualization is a technology that's taking off, but how can information security professionals know how it will interact with their existing networks and applications? In this identity and access management expert response, learn how virtualizing a server impacts enterprise single sign-on. |
| URL: |
 |
| 173. |
Randall Gamby, Identity management and access control |
| Randall Gamby is an enterprise security architect for a Fortune 500 insurance and finance company who has worked in the security industry for more than 20 years. |
| URL: |
 |
| 174. |
How to confirm the receipt of an email with security protocols |
| Many websites try to ensure secure registrations by sending email confirmations. But how is it possible to confirm receipt of that email by the correct recipient? Identity and access management expert Randall Gamby weighs in. |
| URL: |
 |
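| The entries above on confirming a new user's email address (142) and on confirming receipt of a registration email by the correct recipient (174) both come down to the same mechanism: the confirmation link must carry something only the server can produce and only the intended address can present. The following is an added example, not code from either expert response, showing one standard way to do that with an HMAC-signed, time-limited token bound to the registered address. The secret key, the 24-hour lifetime and the sample addresses are assumptions for illustration. |

```python
import base64
import binascii
import hashlib
import hmac
import time
from typing import Optional

# Assumed server-side secret for this example; in production load it from a
# secrets store, never from source control, and rotate it on compromise.
SECRET_KEY = b"example-secret-key-change-me"
TOKEN_TTL_SECONDS = 24 * 3600  # assumed lifetime of a confirmation link


def _b64(data: bytes) -> str:
    """URL-safe base64 without padding, so the token fits cleanly in a link."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    pad = "=" * (-len(text) % 4)
    return base64.urlsafe_b64decode(text + pad)


def make_confirmation_token(email: str, now: Optional[int] = None) -> str:
    """Build a token binding the address and an expiry time to an HMAC tag.

    The payload is not secret (the recipient already knows their address);
    the tag is what stops anyone from forging a link for another address.
    """
    issued = int(time.time()) if now is None else now
    expires = issued + TOKEN_TTL_SECONDS
    payload = f"{email}|{expires}".encode("utf-8")
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_confirmation_token(token: str, claimed_email: str,
                              now: Optional[int] = None) -> bool:
    """Return True only if the tag verifies, the address matches the account
    being confirmed, and the token has not expired.

    Every failure returns False; the caller should treat them identically so
    that the response does not leak which check failed.
    """
    current = int(time.time()) if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".", 1)
        payload = _unb64(payload_b64)
        tag = _unb64(tag_b64)
    except (ValueError, binascii.Error):
        return False
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    # Constant-time comparison: a plain == would leak tag bytes via timing.
    if not hmac.compare_digest(tag, expected):
        return False
    try:
        email, expires_text = payload.decode("utf-8").rsplit("|", 1)
        expires = int(expires_text)
    except ValueError:
        return False
    if email != claimed_email:
        return False
    return current < expires


if __name__ == "__main__":
    # Constructed sample: the address a user typed at registration.
    token = make_confirmation_token("alice@example.com")
    link = f"https://example.invalid/confirm?token={token}"
    print("Mail this link to the registered address:", link)
    print("Valid for alice:", verify_confirmation_token(token, "alice@example.com"))
    print("Valid for bob:  ", verify_confirmation_token(token, "bob@example.com"))
```

| Two points follow from the design. First, the server never stores the token: the signature alone proves it was issued, which keeps the registration table small when a spammer creates many accounts that are never confirmed. Second, the link proves only that whoever clicked it can read that mailbox; it says nothing about who that person is, so it gates account activation, not identity. |
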
| 175. |
How to log in to multiple servers with federated single sign-on (SSO) |
| Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for access control. Learn how from expert Randall Gamby. |
| URL: |
 |
| 176. |
Is Identity Management as a Service (IDaaS) a good idea? |
| Identity Management as a Service (IDaaS) is new on the managed security service provider scene, so how can you know which of these SaaS service providers to trust with your identity and management access tools? Find out in this expert response. |
| URL: |
 |