IdM

How to protect online transactions

Mon, 06 Feb 2012 11:49:34 EDT

New federal guidelines, which took effect last month, recommend multiple layers of security controls beyond the traditional username/password, particularly out-of-band authentication methods.

Resellers See IDM as Security Woes Solution

Mon, 06 Feb 2012 06:59:07 EDT

Identity management remains one of those heady security solutions only accessible by large enterprises because of its complexity and cost. However, the need for better security and the value in managing identity to control risks is finding its way deeper into the market, particularly through the channel, according to SafeNet.

Yubico and SSO Easy Make Single Sign-On With Two-Factor Authentication Easier

Mon, 06 Feb 2012 06:12:36 EDT

Strong two-factor authentication is vital for securing access to SAML-based single sign-on servers and mission-critical applications with sensitive information.

Hackers may be able to outwit online banking security devices

Mon, 06 Feb 2012 06:10:58 EDT

An investigation by BBC Click underlines possible shortcomings in the extra security provided by banking authentication devices such as PINSentry from Barclays and SecureKey from HSBC.

Yubico, CloudPassage partner for cloud server authentication

Fri, 03 Feb 2012 07:37:32 EDT

With YubiKey and Halo GhostPorts, systems administrators can temporarily open up a server management port for designated administrators.

Accessible Archives Announces Shibboleth Compliance

Tue, 17 Jan 2012 19:40:49 EDT

The Shibboleth System is a standards based, open source software package, rapidly growing in popularity. It provides web-based single sign-on across or within organizational boundaries.

Quest Software Announces Speakers for The Experts Conference 2012

Tue, 17 Jan 2012 19:34:22 EDT

The 11th annual technology conference, which is presented by Quest and Microsoft, will be held at the Marriott Marquis & Marina in San Diego, April 29-May 2. TEC offers world-class, 400-level training on Microsoft Identity and Access, Exchange Server, SharePoint, PowerShell, and Virtualization and User Workspace Management technologies for the most experienced IT pros in the world.

Optical transaction signing device limits ebanking fraud

Tue, 17 Jan 2012 10:23:42 EDT

The device uses an optical sensor to read financial transaction data from a Web browser, generating a unique electronic signature that validates each transaction, reducing threats such as Man-in-the-Browser (MitB) and Man-in-the-Middle (MitM), in which hackers hijack legitimate user identities during a transaction and redirect funds.

U.S. Rep outlines online security bill

Tue, 17 Jan 2012 07:03:43 EDT

House Bill H.R. 3523, called the Cyber Intelligence Sharing and Protection Act of 2011, would require the Director of National Intelligence to create a way for the government to share information about online threats with private companies.

YubiKey Supports Password Tote for Increased Identity Protection and Online Password Management

Tue, 17 Jan 2012 06:12:28 EDT

Password Tote is an online consumer password manager that assists in the storing of secure passwords. Password Tote eliminates the worry of losing or forgetting a login password for online services and all passwords are stored in one secure location.

MaxMind and TeleSign Partner to Provide Best-in-Class Multilayer Fraud Prevention

Tue, 17 Jan 2012 06:11:32 EDT

The combination of MaxMind's geolocation and minFraud fraud-risk scoring services and TeleSign Telephone Verification and PhoneID delivers a best-in-breed alliance for fighting against a wide variety of fraud.

Why Password Security Lives On

Tue, 17 Jan 2012 06:09:57 EDT

There appears to have been little research into why password security has remained so popular. It is. perhaps, hard to challenge the orthodoxy which is a replacement is just around the corner and soon users will no longer have to remember strings of letters, digits and symbols in order to access services.

Two-factor authentication isn't enough

Fri, 13 Jan 2012 12:34:13 EDT

As cyber attacks become more complex and intelligent, and as we move towards an increasingly mobile society, two-factor authentication is no longer enough because sophisticated fraud simply leverages the authentication process.

Jericho founder: Get involved in plan for protecting identity online

Fri, 13 Jan 2012 12:19:03 EDT

Paul Simmonds, a founding member of the Jericho Forum, which is now part of The Open Group, is calling for European organisations to get actively involved in providing input to the US-based National Strategy for Trusted Identities in Cyberspace (NSTIC), a project with the goal of protecting identity online.

Sykipot Malware Now Steals Smart-Card Credentials

Fri, 13 Jan 2012 06:23:56 EDT

New variant of malware used by advanced persistent threat (APT) actors out of China challenges DoD, other organizations' two-factor authentication