Access Control

Access Control | News, how-tos, features, reviews, and videos

Microsoft Windows security  >  Windows laptop + logo with binary lock and key

6 minimum security practices to implement before working on best practices

Every Windows network admin can improve their security posture by focusing on these six basic areas.

Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

How to hack 2FA: 5 attack methods explained

As two-factor authentication becomes more widespread, criminals seek novel ways to subvert it. Here's what you need to know.

CSO > Invalidated cyber insurance

17 cyber insurance application questions you'll need to answer

Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.

Many keys, one lock  >  Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect, and defend against it

Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts.

secure system / network security policy management

How to prepare for the demise of Windows NT LAN Manager

NTLM is a less secure protocol for authenticating Windows network access. Follow these steps to begin migration off it or to limit its use.

User ID + password / credentials / authentication

SSO explained: How single sign-on improves security and the user experience

Single sign-on (SSO) is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

8 top identity and access management tools

Identity is becoming the new perimeter, and these IAM tools have evolved to help secure assets as organizations rely less on traditional perimeter defenses and move to zero-trust environments.

network security / secure connections / integrated system of locks

5 things CISOs want to hear about zero trust at the RSA Conference

Security executives are interested in how ZT vendors will integrate with existing technologies, supplement ongoing projects, and support business processes.

New York City / digital technology framework / binary code

To better defend digital assets, follow physical security's playbook

It’s high time that the owners and managers of corporate networks take the same approach and sense of urgency to protecting corporate digital assets that their physical security counterparts have taken with building security.

CSO > Password elimination [conceptual password security lock in a trash bin]

The password hall of shame (and 10 tips for better password security)

Banish these common passwords now and employ these tips for better password security.

A large 'X' marks a conceptual image of a password amid encrypted data.

Tips to improve domain password security in Active Directory

Follow this advice to better secure domain passwords in a Microsoft environment.

Conceptual image of a password amid hexadecimal code.

How to reset Kerberos account passwords in an Active Directory environment

A regular reset of the KRBTGT account password will help prevent golden ticket attacks that allow wide unauthorized access to your network.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

cloud security expert casb binary cloud computing cloud security by metamorworks getty

Cloudflare wants to be your corporate network backbone with centralized management and security

Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.

CSO > breakthrough / penetration testing / sledgehammer breaking through a binary wall

5 tips for a successful penetration testing program

Proper preparation is key to finding the real weaknesses and vulnerabilities in your network through a pentest. These are the five things you need to do before starting.

Admission tickets in an digital network / access / admittance / authorization / authentication

How to defend against OAuth-enabled cloud-based attacks

Use these settings in Microsoft Azure Active Directory to take control of user-requested OAuth access permissions.

User ID + password / credentials / authentication

FIDO explained: How this industry initiative aims to make passwords obsolete

The FIDO Alliance is an industry association that promotes the use of public-key cryptography to bring strong authentication to the Web.

A large 'X' marks a conceptual image of a password amid encrypted data.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.

digital fingerprint / binary code

Privacy, data protection regulations clamp down on biometrics use

The highly sensitive nature of biometric data and new regulations aimed to protect it are cause to rethink how it's used for authentication.

adrian ludwig 1200x800px

Inside Atlassian's zero trust implementation

Adrian Ludwig says Atlassian's zero-trust implementation was nearly complete when the pandemic hit. His advice: Define policies to cover all cases first.

Load More
You Might Also Like