Archive for 'Access Management' Category
The Four Basic Truths of System Security
By Dan Hadaway - Last updated: Sunday, January 1, 2023
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
The Importance of Proper Multi-Factor Authentication (MFA) in 2022
By Steven Jakubin - Last updated: Monday, February 28, 2022
Not just because it is becoming an issue of compliance. . . We all know the plot of your typical heist movie – a group of robbers seeks out special bits of information, such as PIN numbers, keycards, FOBs, and even biometrics, all to relentlessly gain entry to a secured vault. These vaults use several […]
The AIO’s Impact on Technology Planning Movie
By Bryan Bonnell - Last updated: Monday, December 6, 2021
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Zeroing in on VPN Security
By Tanvee Dhir - Last updated: Monday, November 1, 2021
Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
By Adam Reynolds - Last updated: Monday, July 26, 2021
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Risk-Based Authentication Practices
By Dan Hadaway - Last updated: Monday, June 21, 2021
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
‘Disrupted’ Employees: The New Insider Threat?
By Vigilize - Last updated: Monday, April 12, 2021
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
Reinventing Meeting Management Movie
By Vigilize - Last updated: Monday, January 18, 2021
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
By Reynolds | Hadaway - Last updated: Tuesday, July 14, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
By Vigilize - Last updated: Monday, May 25, 2020
System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity. […]
Not just because it is becoming an issue of compliance. . . We all know the plot of your typical heist movie – a group of robbers seeks out special bits of information, such as PIN numbers, keycards, FOBs, and even biometrics, all to relentlessly gain entry to a secured vault. These vaults use several […]
The AIO’s Impact on Technology Planning Movie
By Bryan Bonnell - Last updated: Monday, December 6, 2021
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Zeroing in on VPN Security
By Tanvee Dhir - Last updated: Monday, November 1, 2021
Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
By Adam Reynolds - Last updated: Monday, July 26, 2021
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Risk-Based Authentication Practices
By Dan Hadaway - Last updated: Monday, June 21, 2021
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
‘Disrupted’ Employees: The New Insider Threat?
By Vigilize - Last updated: Monday, April 12, 2021
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
Reinventing Meeting Management Movie
By Vigilize - Last updated: Monday, January 18, 2021
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
By Reynolds | Hadaway - Last updated: Tuesday, July 14, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
By Vigilize - Last updated: Monday, May 25, 2020
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
By Adam Reynolds - Last updated: Monday, July 26, 2021
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Risk-Based Authentication Practices
By Dan Hadaway - Last updated: Monday, June 21, 2021
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
‘Disrupted’ Employees: The New Insider Threat?
By Vigilize - Last updated: Monday, April 12, 2021
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
Reinventing Meeting Management Movie
By Vigilize - Last updated: Monday, January 18, 2021
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
By Reynolds | Hadaway - Last updated: Tuesday, July 14, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
By Vigilize - Last updated: Monday, May 25, 2020
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
‘Disrupted’ Employees: The New Insider Threat?
By Vigilize - Last updated: Monday, April 12, 2021
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
Reinventing Meeting Management Movie
By Vigilize - Last updated: Monday, January 18, 2021
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
By Reynolds | Hadaway - Last updated: Tuesday, July 14, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
By Vigilize - Last updated: Monday, May 25, 2020
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
By Reynolds | Hadaway - Last updated: Tuesday, July 14, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
By Vigilize - Last updated: Monday, May 25, 2020
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
