-
IT in Europe, Security Edition: Password security standards and trends
Passwords have long been a security problem. This IT in Europe: Security Edition looks at password trends and alternative forms of authentication. Learning Guide
-
Alternatives to passwords: Replacing the ubiquitous authenticator
As the relative security of passwords falters, are they destined for obscurity? Feature
-
IT in Europe: Information Security Edition e-zine
e-zine
-
2009 Royal Holloway University of London MSc thesis series
Read a group of information security articles -- from the highly technical to the basic -- authored by recent MSc graduates of Royal Holloway University of London (RHUL). Royal Holloway eBook Seri
-
Enhanced Identity and Access Management
From consolidating directories to automating provisioning and rolling out single sign-on, these sessions identify how leading organizations are strengthening authorization and enforcing access controls. Session Downloads
-
Risk-based authentication
The concept of risk-based authentication is becoming popular for some online business-to-consumer transactions, particularly those conducted with banks and other financial services firms. Information Security maga
-
Authenticating Windows
Three options for Windows authentication with eSSO clients. Information Security maga
-
Information Security Quizzes
Test your knowledge of everything security, from network security to regulatory compliance, with our collection of quizzes. Security Quiz
-
XML Security Learning Guide
Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure. Learning Guide
-
RSA Conference 2006
Can't make it to RSA 2006? Check out our continuous coverage from the show floor. Conference Coverage
-
Jericho founder: Get involved in plan for protecting identity online
Respected identity expert Paul Simmonds says the NSTIC's identity project needs European involvement, or it may not meet Europe's needs. News | 13 Jan 2012
-
Is it the end of the line for antivirus signatures?
Traditional antimalware can't keep up with the threat landscape. Are antivirus signatures destined for the rubbish bin? News | 29 Dec 2011
-
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. News | 29 Dec 2011
-
Web inventor Tim Berners-Lee on vision for the future of IT security
Web inventor Tim Berners-Lee told RSA Europe attendees the future of IT security must include greater simplicity for users. News | 14 Oct 2011
-
RSA Europe Conference 2011: Nation state groups behind RSA attack
RSA revealed a “nation state” was behind the SecurID attack in March. Twitter and Facebook are still banned at RSA. News | 13 Oct 2011
-
Lost NHS medical records: Laptops had unused encryption software
The NHS has suffered another breach, this one compromising 18 million records. Worse yet: The laptops could have been encrypted with already purchased software. News | 16 Jun 2011
-
How West Midlands police collared identity and access management vendors
Streamlining access is extremely important for the 15,000-person unit, particularly when dealing with information as sensitive as that in police records. News | 07 Jun 2011
-
After breach at RSA, two-factor authentication options abound
Companies specialising in two-factor authentication hope to boost business following the breach of RSA's SecurID, and many plan to capitalise with new products at Infosecurity Europe. News | 08 Apr 2011
-
Cloud access control: Plug-in alters applications on a per-user basis
The new browser plug-in allows for per-user access controls with cloud application features, but at launch is limited only to Salesforce.com and Google Apps and browsers IE or Firefox. News | 30 Mar 2011
-
What is OpenID? How to use OpenID SSO in your organisation
An OpenID SSO system allows organisations to simplify website user authentication management. But is OpenID security an issue? Expert Michael Cobb explains. News | 22 Mar 2011
- See More: News on Secure User Authentication and Authorization
-
Assessing home offices for compliance with security teleworking policy
Get advice on how to assess employee's home offices for security and policy compliance. Tip
-
A pen tester’s perspective on creating a secure password
A pen tester explains the importance of creating a secure password Tip
-
How to prevent unauthorised personnel from hacking voicemail
Keeping attackers out of sensitive corporate voicemails can be as easy as updating PIN policies. Tip
-
RSA Europe 2011: IT security conference coverage
All the news from RSA Europe 2011. Read news, features, tips and blogs from the London based IT security conference. Tip
-
Website secure login: Alternatives to out-of-wallet questions
Learn about alternatives to static knowledge-based authentication and out-of-wallet questions for secure website logins in this tip. Tip
-
Online authentication methods: Personal information cards and Web SSO
Learn more about information cards authentication and how it can help lock down online authentication at your organisation. Tip
-
RFID projects: Implementation considerations, RFID security concerns
RFID projects can aid organisations in many ways, including improving physical security. Learn more in this tip from Michael Cobb. Tip
-
Virtual server access control: Tactics for IT segregation of duties
Ensuring virtual server administrators only access servers that they are authorised to view can be quite a challenge. Virtualisation security expert Ben Chai examines the problems, and the tools and tactics to help control virtual server access. Tip
-
SMS two-factor authentication for electronic identity verification
Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones. Tip
-
How to configure IIS authorization and manager permissions
David Shackleford reviews authorization rules that will help you secure your IIS 7 Web server. Tip
- See More: Tips on Secure User Authentication and Authorization
-
How effective are password hack tools?
Richard Brain, our resident application and platform security expert, explains why strengthening a password is so important. Ask the Expert
-
Should PKI systems be used for laptop encryption?
In this expert reponse, Joel Dubin discusses the pros and cons of using PKI systems for laptop encryption. Ask the Expert
-
What type of protections should security question and answer authentication credentials have?
Identity management and access control expert Joel Dubin discusses how corporations can secure security question and answer authentication credentials. Ask the Expert
-
Traditional single sign-on (SSO) products versus federated identities
Identity management and access control expert Joel Dubin discusses the pros and cons of single sign-on products and federated identities. Ask the Expert
-
Best practices for deploying enterprise single sign-on (SSO)
In this expert response, Joel Dubin discusses some enterprise single sign-on (SSO) best practices and common obstacles. Ask the Expert
-
How do anonymous credentials and selective disclosure certificates affect enterprise IAM?
In this expert response, security pro Joel Dubin defines anonymous credentials and selective disclosure certificates, explains how they work and unveils how these two factors can affect enterprise IAM. Ask the Expert
-
Choosing from the top PKI products and vendors
In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI. Ask the Expert
-
Does single sign-on (SSO) improve security?
In this expert response, security pro Joel Dubin discusses the impact that enterprise single sign-on (SSO) can have on a security program. Ask the Expert
-
What are the pros and cons of using keystroke dynamic-based authentication systems?
In this SearchSecurity.com Q&A, security pro Joel Dubin discusses the positive and negative aspects of using keystroke dynamic-based authentication systems. Ask the Expert
-
Can the symmetric encryption algorithm for S/MIME messages be changed?
Encryption algorithm requirements ensure a base level of interoperability among all S/MIME implementations. Email clients, however, can add additional algorithms, provided they correctly identify which algorithms a particular message uses. Expert Mic... Ask the Expert
- See More: Expert Advice on Secure User Authentication and Authorization
-
UK Identity Cards Act
The UK Identity Cards Act is a framework of enabling legislation for a British National Identity card passed in 2006. The Act has not yet gone into full-scale development or deployment... (Continued) Word
-
Chip and PIN
Chip and PIN is a UK government-backed initiative to implement the EMV (short for Europay, Mastercard and Visa) standard for smart payment cards... (Continued) Word
-
Jericho founder: Get involved in plan for protecting identity online
Respected identity expert Paul Simmonds says the NSTIC's identity project needs European involvement, or it may not meet Europe's needs. News
-
Assessing home offices for compliance with security teleworking policy
Get advice on how to assess employee's home offices for security and policy compliance. Tip
-
IT in Europe, Security Edition: Password security standards and trends
Passwords have long been a security problem. This IT in Europe: Security Edition looks at password trends and alternative forms of authentication. Learning Guide
-
Is it the end of the line for antivirus signatures?
Traditional antimalware can't keep up with the threat landscape. Are antivirus signatures destined for the rubbish bin? News
-
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. News
-
Alternatives to passwords: Replacing the ubiquitous authenticator
As the relative security of passwords falters, are they destined for obscurity? Feature
-
A pen tester’s perspective on creating a secure password
A pen tester explains the importance of creating a secure password Tip
-
How to prevent unauthorised personnel from hacking voicemail
Keeping attackers out of sensitive corporate voicemails can be as easy as updating PIN policies. Tip
-
IT in Europe: Information Security Edition e-zine
e-zine
-
RSA Europe 2011: IT security conference coverage
All the news from RSA Europe 2011. Read news, features, tips and blogs from the London based IT security conference. Tip
- See More: All on Secure User Authentication and Authorization
About Secure User Authentication and Authorization
Get information on how basic, multifactor and two-factor authentication can enhance access management. You will also receive advice and information on how to secure user authentication and authorization and how to implement Web, password and user authentication.