5 Myths Around Single Sign-On
There are many misperceptions around Single Sign-On (SSO) – all of which need addressing. 5 MYTHS AROUND SSO – BUSTED: 1. SSO is not secure because if a user’s master password is compromised, an attacker could have access to all user accounts. BUST: SSO actually enhances security by reducing the number of passwords a user must […]
What is the FTC Safeguards Rule? And Will it Affect You?
What is the FTC Safeguards Rule? In 1999, The Federal Trade Commission (FTC) initiated The FTC Gramm-Leach-Biley Act’s (GLBA) Safeguards Rule in an effort to safeguard consumers and protect personal information from getting into the wrong hands. FTC Summary: “The Safeguards Rule requires financial institutions under FTC jurisdiction to have measures in place to keep customer […]
Norton LifeLock and LastPass Breaches Raise Doubt about the Security of Password Managers
But are the Wrong Questions Being Asked? Recent news of cyber-attacks on two major security companies has many asking, “Are password managers secure enough to protect our data?” But perhaps there’s a more important question that needs to be addressed. This week, news came of a cyber-attack on Norton LifeLock. Several thousand customers were reportedly […]
Why MSPs are at Risk of Attack
And How MSPs Can Reduce Risk In a joint advisory issued this May, several International government agencies — the Cybersecurity and Infrastructure Security Agency (CISA), the UK’s National Cyber Security Centre (NCSC-UK), the Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), US National Security […]
Why Experts Urge All Businesses to Strengthen Cybersecurity Now
Multi-Factor Authentication is Top Priority In light of current world events, experts are urging businesses of all sizes to bolster security, with Multi-Factor Authentication (MFA) as top priority for the protection of our digital assets. While conflict may seem far away for most of us, the reality is that cyberspace knows no borders – and […]
You can’t have Security without Privacy
Privacy vs. Security. Can you have both? While there’s a difference, we think the two belong together – especially when it comes to Identity. While data security has become increasingly important for companies of all sizes – with the risk and severity of cyberattack steadily rising – regulations like GDPR, CCPA mean companies are also having […]
What Is Face Verification and How Does It Optimize Passwordless MFA?
How do you secure identity and transactions—especially business, financial, government transactions—in a world that is becoming more and more digital and hyperconnected? It’s time to move on from old and increasingly vulnerable authentication methods, like ID cards and the username-and-password combo, to newer methods that pose a tougher challenge for cybercriminals to get past. Today’s […]
Let’s Discuss Account Takeover, or “ATO”.
What can we do to better protect ourselves and our companies from account takeover? Most of us today still believe we are “too small a fish” to have one of our digital accounts taken over. We think to ourselves that no one wants to read my email or post from my Twitter account or comment […]
BACK TO SCHOOL FOR CYBERCRIME
Schools are top targets for Cybercrime. It’s time to get educated and educate about the risks, and how to implement a Zero Trust framework for security. With students of all ages still in the early days of their academic year, cybersecurity experts issue stern warnings about cybercrime in schools. With the increased use of technology […]
What Are the Best Practices for User Provisioning and De-provisioning?
User provisioning is a standard component of onboarding and involves creating user accounts for a newly hired employee. It entails access to IT resources (including the directory) and to systems, networks, and applications that are vital to the employee’s performance of their job. The usual IT resources provided to a new employee include the […]
How Can You Optimize Passwordless Authentication?
Have you gone passwordless yet? Making the switch may be the best security move you can make today, because passwords are becoming even less secure, especially when you consider users’ tendency to have poor password security habits. For example, 52 percent of users reuse the same password for multiple accounts, and 59 percent of American […]
How Is Authentication Different from Authorization, and Why Should You Have Both?
How Is Authentication Different from Authorization, and Why Should You Have Both? Authentication is concerned with identity, while authorization is concerned with action. Authentication involves validating the identity of a registered user attempting to gain access to data resources such as an application, an API, or microservices. Authorization involves specifying what actions a registered user […]