Archive for 'Access Management' Category
The Importance of Proper Multi-Factor Authentication (MFA) in 2022
Not just because it is becoming an issue of compliance. . . We all know the plot of your typical heist movie – a group of robbers seeks out special bits of information, such as PIN numbers, keycards, FOBs, and even biometrics, all to relentlessly gain entry to a secured vault. These vaults use several […]
The AIO’s Impact on Technology Planning Movie
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Zeroing in on VPN Security
Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Risk-Based Authentication Practices
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
‘Disrupted’ Employees: The New Insider Threat?
Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
Reinventing Meeting Management Movie
A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
Zoom Security: No longer an Oxymoron
Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]
20 Questions – A Pandemic Polling Discussion!
Experts Warn of Attacks on Telecommuters
As more offices rely on working remotely, hackers are working to take advantage… An article review. As concerns over the coronavirus continue to mount, more Americans than ever are working remotely from their homes…and hackers are looking to take advantage of the situation. That’s according to the Department of Homeland Security’s Cybersecurity and Infrastructure Security […]