Evaluate

Password Management and Policy

• Analyzing the top 2019 data breach disclosures: Hindsight in 2020

  Make 2020 the year your company keep its resolution to avoid a data breach. Experts offer lessons learned from the top 2019 data breaches to help stay secure in the year ahead. Continue Reading

• Google expands multiple Chrome password protection features

  Chrome's updated, built-in protections are intended to help users protect their passwords and data against malware, data breaches and phishing sites, according to the company. Continue Reading

• Key customer identity access management features to consider

  Evaluating customer identity access management products is complicated but necessary. Learn what’s new and what you need most right now. Continue Reading

• CIAM vs. IAM: The key differences 'customer' makes

  Find out everything you need to know about the nuances that differentiate customer IAM from traditional IAM so that you can implement the CIAM system at your organization. Continue Reading

• How did Netflix phishing attacks use legitimate TLS certificates?

  Hackers can imitate the design and domain name of popular sites like Netflix to steal credentials. Expert Michael Cobb explains how these Netflix phishing attacks work. Continue Reading

• How to find the best privileged identity management tool

  To ensure IT security means first realizing that elevated privileges can also be an open door for hackers. Locking things down requires teamwork, good tools and more.Continue Reading

• Weighing privileged identity management tools' pros and cons

  Products that help security pros manage access privileges are essential to IT security. Learn how to evaluate market offerings and acquire the best for your company.Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.Continue Reading

• What new NIST password recommendations should enterprises adopt?

  NIST is coming up with new password recommendations for the U.S. government. Expert Michael Cobb covers the most important changes that enterprises should note.Continue Reading

• Keydnap malware: How does it steal Mac passwords?

  The Keydnap malware has the ability to steal passwords stored in the Keychain Access app on Mac systems. Expert Nick Lewis explains how to mitigate this issue.Continue Reading

• Risk & Repeat: Yahoo data breach details emerge

  In this Risk & Repeat podcast, SearchSecurity editors discuss new information on the Yahoo data breach, including how counterfeit cookies may have been used by attackers.Continue Reading

• Risk & Repeat: Yahoo breach response, security practices criticized

  In this Risk & Repeat podcast, SearchSecurity editors discuss the Yahoo breach and questions and criticism regarding the company's enterprise security practices.Continue Reading

• Making updates to your IAM framework

  This Security School examines how security professionals should consider updating and adapting their IAM framework to work with emerging technologies.Continue Reading

• IAM strategy: Update to work with new technologies

  Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.Continue Reading

• Expanding the IAM infrastructure to meet emerging challenges

  Your IAM infrastructure should cut through the 'access excess' that is plaguing most companies. Learn how to overcome the challenges posed by migration to cloud and mobility.Continue Reading

• Windows 10 Wi-Fi Sense for hotspot sharing: Is it safe?

  Microsoft's Windows 10 Wi-Fi Sense was designed to make hotspot sharing easy, but experts debate if the security risks are real and whether the new feature offers substantial benefits and relative safety.Continue Reading

• Can facial recognition authentication improve mobile security?

  MasterCard is testing a new facial recognition authentication system for mobile payments. Expert Michael Cobb explains how it works, and what it means for users.Continue Reading

• What does bimodal IAM mean for user credentials?

  Bimodal IAM may be a new term, but this new way to use user credentials should probably already be in practice among secure organizations.Continue Reading

• Why PCI non-compliance is a problem for many

  PCI DSS requirement 2 specifies companies must change vendor-supplied default passwords, but only 50% were in compliance. Expert Mike Chapple explains why.Continue Reading

• Why privileged account management is hard to scale

  Philip Lieberman of Lieberman Software discusses privileged accounts and how automated tools can help organizations monitor their use.Continue Reading

• Analysis: Enterprise password management tools have room to improve

  Explore the differences between consumer and enterprise password management products and learn pros and cons about the latest tools.Continue Reading

• LinkedIn password leak: Lessons to be learned from LinkedIn breach

  Breach at the professional networking site highlights password practices, storage procedures.Continue Reading

• Two-factor authentication, vigilance foil password theft

  Password stealing Trojans, keyloggers and other malware are reaping account credentials by the thousands forcing some to rethink password policies and develop new defenses.Continue Reading

• Best Identity and Access Management Products 2009

  Readers vote on the best identity and access management products, including user identity access privilege and authorization management, single sign-on, user identity provisioning, Web-based access control, federated identity, role-based access ...Continue Reading

• Privileged account management critical to data security

  Regulatory requirements and economic realities are pressuring enterprises to secure their privileged accounts.Continue Reading

• Mature SIMs do more than log aggregation and correlation

  They've come a long way from the early days of log aggregation and correlation; enterprises now glean value from SIMs for compliance, visualization, and even overall business intelligence.Continue Reading

• Ease the compliance burden with automation

  Manual compliance processes are error-prone and drain corporate IT resources. Automated tools make a difference if you apply them to a well-organized compliance program.Continue Reading

• Shared Identity Providers Could Soothe Password Chaos

  A security model that requires people to remember multiple passwords and logins has to change.Continue Reading

• What are the pros and cons of using stand-alone authentication that is not Active Directory-based?

  Password managment tools other than Active Directory are available, though they may not be the best access control coordinators.Continue Reading

• Viewpoint: Creative patch management workarounds

  Continue Reading

• Cyber-Ark Enterprise Password Vault 4.0 product review

  Product review of Cyber-Ark Enterprise Password Vault, a password management and security tool that manages passwords and controls privileged accounts.Continue Reading

• Three Pitfalls to Avoid

  SPECIAL Managing identity and access can be as easy as 1, 2, 3.
  3 strikes, you're outContinue Reading

• Reborn Identity

  IDENTITY MANAGEMENT GM's Jarrod Jasper drives a common user profile across all systems.Continue Reading

• Password Security

  Symark Software's PowerKeeper 1.4Continue Reading

• Amazing Access

  Finding a comprehensive identity and access management architecture requires leadership to navigate the technology and implementation labyrinth.Continue Reading

• Delivering SSO: Postal Service simplifies passwords

  Nobody likes passwords: not employees, and certainly not infosec teams. Not only are passwords often difficult to remember (leading to employees writing them down and possibly lose them -- a huge security risk), but they are also cumbersome due to ...Continue Reading

• SSO benefits: Security booster or improving end user experience?

  Enterprise single sign-on all about simplicity and improving end user experience, security is just a side benefit. Learn why this is true, as well as other technologies that both reduce complexity and improve security.Continue Reading

• Week 2: Passwords -- Updating, selecting and recording user and administrative passwords

  Shelley Bard, CISSP, offers insight on maintaining secure passwords.Continue Reading

• Review: Implementing Biometric Security

  David Bianco explains why Implementing Biometric Security is a useful but flawed book.Continue Reading

• Controlling Linux root privilege in a Linux environment

  If your enterprise has multiple sysadmins, giving them separate accounts is advisable. Su and Sudo can aid in keeping Linux root privilege rooted in safety.Continue Reading

• Password pain relief

  Passwords have long been the bane of both users' and IT's existence. They have been a nuisance for your employees to remember and your help desk to deal with. However, up-and-coming options are ready to help relieve you of the headache.
  
  In ...Continue Reading

• Building blocks of an identity management system

  Learn best practices for securing an identity management system for users inside and outside of the organization without reducing security effectiveness.Continue Reading

• Where's the business smart card explosion?

  The U.S. has been slow to migrate to the smart card, which Europe and Asia have already adopted. Yet its functionality is becoming more practical and attractive to enterprises.Continue Reading