Identity & Access

Identity & Access news, information, and how-to advice

rsa moscone south
credit cards keyboard

7 keys

Key management is the biggest pain of encryption

Most IT professionals rate the pain of managing encryption keys as severe, according to a new global survey by the Ponemon Institute

rsa conf 2015

RSAC 2015: RSA Conference (Day 4)

All this week, Salted Hash is in San Francisco for the annual RSA Conference (RSAC). Each day we'll update the blog with breaking news and other details from the show. Today we're going to talk about passwords.

cloud government

Crypto gurus: The government's key escrow plan won't work

World renowned cryptographers highlighted various reasons why creating a master decryption key for the government to use is not practical

mitch mcconnell

Senate leader introduces bill to extend Patriot Act surveillance

The new legislation would extend the telephone records collection section of the law for five years

1 rsa opener

RSA Conference 2015: Criminals targeting gaps in user awareness training

Common Phishing techniques were less effective last year, so criminals changed their game in order to adapt

red white blue whistles

Whistleblowers at risk when using US government websites

More than two dozen U.S. government websites should be urgently upgraded to use encryption, as whistleblowers are potentially at risk, according to the American Civil Liberties Union.

windows phone biometrics security eye fingerprint

18-year-old SMB vulnerability resurfaces, dozens of vendors affected

SPEAR, the research team at Cylance, has discovered new attack vectors for an 18-year-old vulnerability in Windows Server Message Block (SMB). The updated attack vector, called Redirect to SMB, impacts products from Microsoft, Apple,...

att sign

AT&T's data breach settlement called a 'slap on the wrist'

The punishment AT&T received this week from the U.S. government for its sloppy protection of customer data is peanuts and won't scare other companies into taking stronger security measures, some cybersecurity experts said.

privacy please

Welcome to the Internet of Things. Please check your privacy at the door.

Several things can happen to your IoT data, and most of them are bad. Here are the biggest things you need to worry about.

Edward Snowden

Edward Snowden: Don't censor your d**k pics

HBO's John Oliver grilled Snowden during a sit-down interview in Russia

data cloud

Lost in the clouds: Your private data has been indexed by Google

Each day millions of people across the globe create backups of their files. These backups are supposed to offer a measure of assurance that their files are safe and easily recovered if needed. But that's not entirely true.

Lost in the clouds: 7 examples of compromised personal information

While having instant access to your information via the cloud is a major bonus to productivity and convenience, there's a risk that the security trade-off will be too high.

Internet privacy

Microsoft rolls back commitment to Do Not Track

Microsoft today rolled back its commitment to the nearly-dead "Do Not Track" standard, saying it would no longer automatically switch on the signal in its browsers.

ssl secure browser security lock

Wider use of HTTPS could have prevented attack against GitHub

The unique attack method used to disrupt the code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption, the Electronic Frontier Foundation (EFF) said Wednesday.

nac 1

NAC is back. And better than ever

We review 5 of the leading network access control products.

faceless

Big data collection makes it hard for you to remain anonymous

One of the challenges of Big Data collection is maintaining personal privacy. One way to do that is with 'de-identification' - eliminating personally identifiable information. It can be done effectively if those doing the collection...

Hacked, unlocked, unsafe.

Slack boosts security after data breach

Slack, a popular start-up focused on collaboration in the workplace, said on Friday that a database storing user profile information was compromised in February. The incident lasted four days, but the company said that only a small...

032615 bulk

Tech companies call on US to end bulk collection of metadata

The provision in the Patriot Act that allows for the bulk collection of metadata expires in June.

Load More