Blog Posts Tagged with "Authorization"

2419b9dc2aa15bd1efadeed440a28aad

Is Your “Father’s IAM” Putting You at Risk?

October 13, 2017 Added by:Jackson Shaw

Identity and access management (IAM) is all about ensuring that the right people have the right access to the right resources and that you can prove that all the access is right.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

Managing Insider Threats in Today's Digital Age

April 05, 2016 Added by:Steve Durbin

Most research on the insider threat focuses on malicious behavior. However, insider negligence and insider accidents comprise a greater and growing proportion of information security incidents. Chief Information Security Officers (CISOs) who limit their thinking to malicious insiders may be gravely miscalculating the risk.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Call Centers and PCI Compliance

June 28, 2012 Added by:PCI Guru

In a call center environment where operators are taking orders over the phone and accepting credit/debit cards for payment, until the card transaction is either approved or declined, we are talking pre-authorization data. Only cardholder data after authorization or decline is covered by the PCI DSS...

Comments  (2)

B09c361cbdc6cf629affdc7db30a186d

Securing User Credentials On Mobile Devices

November 13, 2011 Added by:Steven Fox, CISSP, QSA

Your mobile device is an interface into systems that can store potentially sensitive information about you, your company or your employer. Given its ease of use and portability, one would expect to find unique, strong credentials to guard against unauthorized access to these resources...

Comments  (0)

637466d18cc35f545740244d707c0482

IBM AS400 (I-Series) Key Controls for User Accounts

November 09, 2011 Added by:Kevin Somppi

It is impossible to prove that a platform or program has no bugs; however, if you take the time to reasonably test and find the obvious vulnerabilities, and challenge the access which your user community has been granted, you stand a better chance of not being compromised...

Comments  (1)

7af56c65866a442699d6dd1dfb02b528

WikiLeaks Lessons for IT Security

January 03, 2011 Added by:Eli Talmor

Obviously Data Loss Prevention policies need to be implemented on endpoint workstations across the Globe: Every document needs to be classified (i.e. encrypted) at generation. The document encrypted should be also “fingerprinted” to prevent distribution in “un-encrypted” form...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Are You Protected From Zeus?

December 31, 2010 Added by:Robert Siciliano

Zeus is designed to steal bank account login credentials. It has traditionally targeted PCs, but has now been updated to attack cell phones as well, with one version of the malware intercepting SMS confirmations sent by banks to customers, and defeating the fund transfer authorization codes...

Comments  (0)