Identity 101: Thinking Beyond the Borders of the "Office"

Author: 
Mike Talon | @miketalonNYC

Thinking Beyond the Borders of the "Office"

Organizations exploring potential Identity Access and Management (IAM) solutions often begin by determining how best to control the login and other activities of users who are on their own internal networks and/or connected by Virtual Private Network (VPN). This is a great first step but poses several challenges to the modern enterprise that should not be overlooked. The sooner additional factors are considered, the better overall security the organization can deploy. 

Identity 101: What Are Geo-Location and Geo-Velocity?

Author: 
Mike Talon | @miketalonNYC

 

What Are Geo-Location and Geo-Velocity in Identity Authentication?

Geo-location and geo-velocity are just two of the pre-authentication risk checks included in SecureAuth’s adaptive access control solution. Geo-location and geo-velocity can both offer different levels of protection, and may be employed independently or in tandem; but what exactly are they and how do they work? 

Geo-Location

Identity 101: Creating a Secure Password

Author: 
Mike Talon | @miketalonync

 

We all hate passwords. Either you can't remember them, or you re-use the same one over and over to avoid forgetting it. Trying to come up with new passwords is a never-ending battle against human memory versus the potential for someone to guess the one you have. So how do you create secure passwords, and remember them? 

Security Answers in Plain English: Why Do I Have to Change my Password Every 30/60/90 Days?

Author: 
Mike Talon | @miketalonync

 

Why Do I Have to Change my Password Every 30/60/90 Days?

"My company makes me change my password every so often.  Why do they make me do this even if we haven't been breached or anything like that?"

The answer is simple, and there are two reasons why this policy is standard for most companies.  The first is protection against stuff that hasn't happened yet.  The second is protection against stuff that has happened - just not to your company.

Security Answers in Plain English: What is a Man-In-The-Middle Attack?

Author: 
Mike Talon | @miketalonync

 

"I heard on the news about how some sites and mobile apps are vulnerable to Man-in-the-Middle attacks.  What is a Man-In-The-Middle Attack, how does it work, and how can I protect myself?"

Man-in-the-Middle (MitM) attacks are basically one website stepping in-between you and a legitimate website so that whatever you do on the legitimate website can be seen and stolen by the attacker who owns the site in the middle.  There are two common ways this happens:

Customer Update on Spectre and Meltdown

Author: 
Chris Sullivan, CISO SecureAuth and Core Security

 

SecureAuth and Core Security have been monitoring the evolving situation with “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 and CVE-2017-5715) – the recently disclosed processor (CPU) vulnerabilities. Our team has not detected any current impact to customer implementations at this time. We have already initiated our standard processes to test and apply patches in our hosting environments per vendor recommendations.

Turning Your Healthcare Portal Dreams into Reality

Author: 
Jim Wangler, VP of Healthcare

 

The healthcare industry is undergoing a fundamental transformation — from healthcare delivery organization to technology-driven health organization. To thrive, and indeed even to survive, healthcare providers and payers must leave behind old technologies and methodologies and embrace a new, more modern approach to improving consumer engagement, enhancing the customer experience, and reducing risk.

Connected Security Alliance: Stronger Together

Author: 
Christine Mikolajczak

Each year, organizations spend millions of dollars on network and endpoint security, yet breaches continue to happen. Across today’s security vendor landscape, there are hundreds of point products that protect against all points of penetration in the attack lifecycle.

While there is no silver bullet when it comes to infrastructure security, aren’t we stronger together? Shouldn’t security products work together to provide the best protection?

Machine Learning: A Primer

Author: 
David Ross, VP Research - SecureAuth

 

Hey, Siri. What is the capital of New York?” We all know what happens next — Siri provides the answer. How Siri knows the correct answer is not a mystery (we have the Internet to thank for that), but what is more interesting is the fact that Siri is able to understand the question at all.

Siri can understand and respond to human speech for the same reason Facebook knows which friend to tag in a photo before you even type their name. This “knowledge” is a technology called machine learning.

Pages