Two-Factor Authentication is one the most common security methods used by small organizations. But not every method is created equal. Although it may feel like your well secured by a traditional method, your company might be the titanic trying to avoid the iceberg, with no idea what costs are lurking below the...
Today, the rise in a cloud-connected, mobile and remote workforce has put the visibility and control of users and devices outside of the enterprise. Zero-trust creates a new identity perimeter. By laying on top of and supporting a hybrid environment without entirely replacing existing investments.
Improvements in behavioral biometrics and analytics are changing the way many financial services firms approach authentication. And more companies also are taking a "zero trust" approach to improve identity and access management, according to two security experts interviewed at RSA 2020.
In None We Trust
The Zero Trust model of information security has become a fixture in both the strategies of enterprise security teams and the roadmaps of security solution developers, and for good reason. Perimeter-focused security architectures that default to high trust levels on the internal network continue to...
Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras. A passcode will be sent to a user's email address or by SMS.
Dell Technologies has agreed to sell its RSA security division to private equity firm Symphony Technology Group in an all cash deal worth more than $2 billion, the companies announced Tuesday. The news comes on the eve of the annual RSA Conference in San Francisco, which starts Monday.
As an IT and security professional at an SMB, you likely manage more responsibilities than ever. You may be juggling many competing priorities, from the helpdesk to network maintenance to managing user access and securing employee identities. But what exactly is an identity, and what do you need to know to maximize...
Managing today's hybrid work environment is challenging, but securing that environment is equally important - and difficult. Ultimately, you need to connect your users to the right technology at the right time, in a secure way. To know that you're giving the right people access, you first need to have a way to know...
This report analyzes the current state of password security, access, and authentication globally and steps companies are taking to increase their security scores. Organizations are making notable strides in password and access security - but there is still a lot of work to be done.
Download this report to learn:
Twitter says it has fixed an API problem that would have allowed someone to match phone numbers en masse to corresponding accounts, which could potentially unmask anonymous users. The flaw could have been found and exploited by state-sponsored actors, the social media firm warns.
Apple previously scuttled plans to add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. But the apparent olive branch hasn't caused the U.S. government to stop vilifying strong encryption and the technology giants that provide it.
In light of rising tensions between the U.S. and Iran, the Association of Executives in Healthcare Information Security recently issued new data security guidance to help the healthcare sector prepare for potential nation-state attacks, says CISO Christopher Frenz, one of the document's authors.
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT.