Security Experts:

long dotted


Barclays Bank announced that it will commence rolling out voice security authentication to all customers, replacing the existing password-based method. [Read More]
A new proof of concept shows that the QR code login process is susceptible to relatively simple hijacking. [Read More]
LastPass quickly fixed a vulnerability in the Firefox add-on that could have been exploited to steal passwords [Read More]
Microsoft is launching new Microsoft Authenticator applications in popular mobile app stores to provide users with multi-factor authentication (MFA) functionality on the go. [Read More]
Microsoft's Azure Security Center is an holistic platform that can combine the customer's own controls with both Microsoft's own and those of its partners [Read More]
RSA announced a new RSA SecurID Suite, moving from two-factor authentication to a full identity and access management solution. [Read More]
Organizations are increasingly aware about the risk of unprotected privileged accounts, but they still fail to enforce best practices [Read More]
Researcher demonstrates how hackers could have stolen money from Google, Microsoft and Facebook by leveraging flaws in phone verification services [Read More]
Two-thirds of European consumers want to use biometrics to make payments easier and more secure, according to research commissioned by Visa. [Read More]
Microsoft announced a series of changes to the security capabilities of Windows 10, including expanded capabilities for Windows Hello, the end-to-end multi-factor authentication solution. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
The true value of identity is not in creating more defense in depth, which means that identity is not the new perimeter.
Travis Greene's picture
As much fun as it is to wake up to patches waiting to be unwrapped, we don’t want the regret of “exploit Wednesday”, which is far more embarrassing than becoming a victim of a zero-day exploit.
Travis Greene's picture
Can IT security find a way to coexist with wearables faster than the first BYOD war and avoid a second war?
Travis Greene's picture
No IT organization has a seemingly unlimited budget the way that Team Oracle did in the 2013 America’s Cup race. But look closer at why spending on America’s Cup racing seems so out of control and it starts to look a bit more familiar.
Travis Greene's picture
Security teams must bear equal, if not more responsibility, for reducing the risk of credential fatigue leading to inadvertent exposure.