Tag Archive for: management

Continuous Authentication: The future of Identity and Access Management (IAM)

/in

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.

Usernames and passwords act as a gateway. Insert another authentication step on top of these credentials and this gateway becomes harder to infiltrate. But once access is gained, how can the device or Web application be certain that the authenticated user is, in fact, the same person throughout the entire session?

For example, you may log in and walk away from your device, creating an opportunity for someone else to take over your session and thus, your identity. Or more commonly, you may hand the device to a colleague – a non-authenticated user – trusting they won’t do anything nonsensical or malicious. In fact, according to a survey by B2B International and Kaspersky Lab, 32% of respondents who share an Internet-enabled device with their relatives, colleagues or friends noted that they do not take any precautions in protecting their information. 

To read this article in full or to leave a comment, please click here

Network World Security

Intel Management Engine’s security through obscurity should scare the **** out of you

/in

For a long time there was a commonly held belief that open source products were inherently more secure because there was nothing hidden. The thought was that with the code for popular applications out in the open, there’d be scores of good guys looking at every line and bugs and flaws would be few and far between. 

Alas, this turned out to be a pipe dream because even the most examined code can still contain flaws so obscure and arcane, even highly skilled and incredibly talented coders can’t find them. Why? It’s usually because the good guys don’t have the time to play hacker as intensely as the real hackers do. For the bad guys, the rewards for finding exploitable flaws are tangible while for the good guys, the cost of not finding flaws far exceeds, by orders of magnitude, the value of the few flaws they do find because those flaws are the most easily found.

To read this article in full or to leave a comment, please click here

Network World Security

SplunkLive! makes for revealing IT management showcase

/in
SplunkLive Bob Brown/NetworkWorld

SplunkLive! in Boston

With a company and product name like Splunk, you’ve gotta hang a bit loose, as I found upon sitting in at the company’s SplunkLive! event in Boston this week. 

The first customer speaker of the day gave a frank assessment of his organization’s implementation (“the on-premises solution, we struggled with it…”) and his frustrations with the licensing model. You have to give Splunk credit for having enough confidence in its offerings to showcase such a kick-off case study.

To read this article in full or to leave a comment, please click here

Network World Security

Man who entombed Verizon worker gets probation, anger management

/in

Because no one was physically injured or worse, headline writers such as yours truly felt able to characterize the August 2013 incident thusly: “Verizon worker thankful 911 operator could hear him now.”

Today the 73-year-old Massachusetts man who perpetrated the criminal act against that Verizon worker must be equally thankful that a lenient judge has sentenced him to only a year of probation plus an apparently long-overdue anger management class.

From a story in the Worcester Telegram & Gazette:

To read this article in full or to leave a comment, please click here

Network World Paul McNamara