About Us | Contact Us
View Cart
Archive for 'Access Management' Category

Temporary Passwords: A Potential Weak Link

By Vigilize - Last updated: Monday, April 16, 2018

Some small organizations continue to use customer data to generate initial passwords, despite the risks. An article review. When rolling out a new online banking platform organizations are often faced with the task of issuing new usernames and passwords to existing users, but how they choose to do that can have a big impact on […]


Firewall Log Retention: Beyond The Guidance

By Dan Hadaway - Last updated: Monday, March 26, 2018

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]


Object Access Limitations

By Matt Jolley - Last updated: Monday, March 5, 2018

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]


Cybersanity in the Incident Response Age

By Jolley | Hadaway - Last updated: Friday, November 3, 2017

Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!


Forgotten But Not Gone: The Ex-Employee Risk

By Vigilize - Last updated: Friday, August 25, 2017

Failure to deprovision former employees presents a real risk to businesses. An article review. When terminating an employee you probably make sure that they turn in keys, access cards, and any other physical access credentials, but how sure are you that their electronic credentials have been revoked? A new study being highlighted by CIO Insight […]


Small Business Resource Page

By Dan Hadaway - Last updated: Friday, August 25, 2017

Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).


Former NIST Official Regrets Issuing Password Guidance

By Vigilize - Last updated: Monday, August 21, 2017

Bill Burr admits security advice actually created more vulnerable passwords. An article review. If you’ve ever angrily questioned some seemingly arbitrary rule when creating a new password, there is some vindication for you: the former government official whose password security suggestions became the basis for many organization’s own standards now says he regrets writing the […]


Nine Years Later, NIST Agrees With Dan!

By Vigilize - Last updated: Friday, May 19, 2017

For the sake of user comfort, new draft document calls for an end to mandatory password changes, and other requirements. An article review. Long-time readers may remember Dan’s Password Manifesto, originally published in the Hoosier Banker Magazine inĀ 2008, where he spoke out against the “conventional wisdom” requiring frequent password changes, advocating instead other mitigating factors […]


With Windows Hello, Users May Be Trading Security For Convenience

By Jolley | Hadaway - Last updated: Tuesday, September 13, 2016

Better think twice . . . or spring for the enterprise edition . . . before you use Windows Hello as a “stronger” authentication method.


Alarming Recurring Finding

By Dan Hadaway - Last updated: Tuesday, March 8, 2016

“Mal-Configured Secure E-MailĀ . . .” A new risk arises as Secure Messaging Enters the Late-Majority Adoption Phase! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So we’re auditing a bank and they send us files using their shiny new “Secure E-Mail System” and guess […]