Access Control
Access Control | News, how-tos, features, reviews, and videos
Sponsor Podcast in partnership with Microsoft
Episode 3: The Zero Trust Model
Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...
Cloudflare wants to be your corporate network backbone with centralized management and security
Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.
5 tips for a successful penetration testing program
Proper preparation is key to finding the real weaknesses and vulnerabilities in your network through a pentest. These are the five things you need to do before starting.
How to defend against OAuth-enabled cloud-based attacks
Use these settings in Microsoft Azure Active Directory to take control of user-requested OAuth access permissions.
FIDO explained: How this industry initiative aims to make passwords obsolete
The FIDO Alliance is an industry association that promotes the use of public-key cryptography to bring strong authentication to the Web.
Hashing explained: Why it's your best bet to protect stored passwords
Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.
Privacy, data protection regulations clamp down on biometrics use
The highly sensitive nature of biometric data and new regulations aimed to protect it are cause to rethink how it's used for authentication.
Inside Atlassian's zero trust implementation
Adrian Ludwig says Atlassian's zero-trust implementation was nearly complete when the pandemic hit. His advice: Define policies to cover all cases first.
7 best practices when selecting a PAM solution
The right PAM solution will enable security and compliance teams to define and enforce robust privileged account policies. So how do you pick the right PAM solution?
New US digital identity legislation promises more secure verification
COVID-19 has exposed the US’s lack of a comprehensive digital identity strategy. If passed, the Improving Digital Identity Act of 2020 will address this need through engagement among federal, state and local governments.
The five best Kubernetes security practices
Everyone is moving to containers for their programs, and to manage them, almost everyone is using Kubernetes. That leads to one big problem: How do you secure Kubernetes itself?
Is now the time to deploy passwordless options?
Viable options are now available to supplement or eliminate (almost) the need for password authentication. Here are reasons why passwordless might work for you.
What the use of open banking means for identity networks
By connecting identity data from multiple sources through APIs, the open banking concept can help verify identity more reliably and improve the customer experience.
What is a dictionary attack? And how you can easily stop them
A dictionary attack is a targeted form of brute force attack that runs through lists of common words, phrases, and leaked passwords to gain access to accounts.
8 steps to protecting login credentials
Follow this advice to help users and network admins to better protect login credentials to corporate systems.
Protect your Windows network from excessive administrator rights
Every developer or user on your network with administrative privileges adds risk of account compromise. Review privileges and take these steps to better manage Windows network access rights.
5 best practices to secure single sign-on systems
Don't assume that SSO is inherently secure. Follow these recommendations to prevent unauthorized access due to authentication flaws.
