October 01, 2012
This month, we are tackling identity management, network access control (NAC) and data leak prevention (DLP).
In a rare acquisition, Apple has acquired Melbourne, Fla.-based mobile and network security firm AuthenTec for $356 million.
December 13, 2011
Identity and access management programs are quite tricky to scale across an organization, but implementing a governance team can go a long way to effectively using the technology to meet compliance and manage user permissions.
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
An Apple operating system flaw could allow any user to obtain stored password hash data through an openly readable directory.
September 01, 2011
A sound approach to identification and authentication is an elementary building block to security policy within most any organization, but management of these disciplines face fresh challenges.
Facebook is rolling out two-factor authentication to fight against the possibility of unauthorized account access.
A major U.S. energy supplier has found no evidence of breach despite claims by a former employee that he hacked into the company's New Mexico wind turbine facility as revenge for being fired.
The Obama administration released the final version of its National Strategy for Trusted Identities in Cyberspace, the goal of which is to create a so-called identity ecosystem where online transactions are more trustworthy.
A former network engineer at Gucci has been charged with hacking into the company's network, deleting data and shutting down servers and networks.
The European Telecommunications Standards Institute (ETSI), a nonprofit that produces standards for information and communications technologies, has completed a set of identity management specifications which outline how users can safely gain authorized access to data and services. The free specifications, which are aimed at network operators, internet service providers and systems designers, address access control issues related to third-parties and cloud environments. The specifications were created by ETSI's identity and access management for networks and services group, whose members include Nokia Siemens Networks, Alcatel Lucent, the University of Patras in Greece, and the University of Murcia in Spain.
December 22, 2010
Poor authentication standards encourage bad passwords and enable the data breach at Gawker to harm security across the web.
August 30, 2010
Continuing its cloud computing buying spree, IT management software provider CA Technologies announced Monday that it plans to acquire authentication solutions provider Arcot for $200 million.
July 07, 2010
A successful identity governance strategy requires a combination of transparency, analytics, automation and risk mitigation.
Critics of the White House's proposed national internet identity authentication plan, intended to improve online privacy and security, say the strategy may do just the opposite. Proponents, meanwhile, believe it represents a major step toward establishing online trust.
June 21, 2010
All it takes is a single employee or partner with improper access to bring an organization's network to its knees.
Drivers such as compliance and insider threats are helping to keep information security budgets at financial institutions alive and well, according to a new study.
Scott Charney, Microsoft's corporate vice president for trustworthy computing, addressed measures that can be taken to eliminate the widespread botnet scourge.
Information security budgets will get a boost at many organizations in 2010, according to a study released Tuesday by IT research company TheInfoPro. The study, based on interviews of 259 security decision makers at Fortune 1000 and mid-size organizations, found that 40 percent of enterprises are planning to increase their 2010 security budgets. Data leakage prevention topped the list of projects planned for 2010, followed by identity management and compliance initiatives. — AM
A bill under consideration in the New Hampshire Legislature, which would prohibit any government agency or private entity from using biometrics in ID cards, is pitting privacy against security.
PGP announced Tuesday that it has acquired TC TrustCenter and its U.S.-based parent, Chosen Security to extend its encryption capabilities to third-party applications and transactions. The deal enables PGP to now offer an "on-demand platform for managing trusted identities used for encryption, authentication and secure collaboration." The new division will be led by Rajiv Dholakia, the previous vice president of corporate development and strategy for PGP. Terms of the deal were not disclosed. — DK
A draft bill approved Wednesday by a U.S. House subcommittee would require the National Institute of Standards and Technology to coordinate government in the development of cybersecurity standards, a move to make the creation process more streamlined.
Microsoft confirmed Monday that the credentials of thousands of Microsoft Windows Live ID accounts were posted online late last week.
Using financial information purchased from crooked bank insiders, a ring of thieves stole millions of dollars.
May 27, 2009
To give businesses greater confidence in privilege management, we must define, implement, monitor and enforce processes for delegating administrative access.
The FTC has established a how-to guide for coping with new requirements aimed at deterring identity theft.
The majority of individuals laid off, fired or changing jobs in the last 12 months stole data from their former employer, according to a new survey from the Ponemon Institute and Symantec.
The cost of a data breach rose to a new record in 2008, according to the fourth annual Ponemon Institute study.
NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentially of personally identifiable information.
CA is the latest heavy hitter to acquire a data-loss prevention provider.
