Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Android phones can now be used to verify sign-ins on Apple iPads and iPhones. [Read More]
Microsoft wants to make its Windows platform passwordless and the latest Windows 10 release marks one step closer to that goal. [Read More]
macOS 10.15 Catalina brings several security-related improvements, including an enhanced Gatekeeper, a dedicated read-only volume for the OS, data protections, and support for Activation Lock. [Read More]
NLA feature of Windows Remote Desktop Services can allow a hacker to bypass the lockscreen on remote sessions and there is no patch from Microsoft, CERT/CC warns. [Read More]
Apple announces “Sign in with Apple,” a new authentication system advertised as fast, secure and privacy friendly, but some experts are skeptical. [Read More]
AttackIQ, a company that specializes in continuous security validation, raised $17.6 million in a Series B funding round, which brings the total raised by the firm to roughly $35 million. [Read More]
Financial services giant First American Financial exposed hundreds of millions of customer mortgage documents containing sensitive information. [Read More]
LinkedIn has once again put user data and privacy at risk by allowing a TLS certificate to expire. [Read More]
Identity-as-a-Service (IDaaS) company Auth0 closed a $103 million round of Series E funding led by Sapphire Ventures, at a valuation of more than $1 billion. [Read More]
Google is offering to replace Bluetooth Titan Security Keys for free after researchers at Microsoft discovered a misconfiguration that can be exploited to attack the devices. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Torsten George's picture
Companies should consider moving to a Zero Trust approach, powered by additional security measures such as multi-factor authentication, to stay ahead of the security curve and leave passwords behind for good.
Jim Ducharme's picture
The ultimate goal for identity and access management (IAM) is not to find the unbreakable or “unhackable” code for authentication; rather, it’s to layer security to create a much stronger identity assurance posture.
David Holmes's picture
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
Torsten George's picture
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
Erin O’Malley's picture
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Torsten George's picture
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
Torsten George's picture
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
Torsten George's picture
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
Travis Greene's picture
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.