Research, news and updates on threats and cybersecurity
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password standards to screen for weak, commonly-used, expected, and compromised passwords. Then they …
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
When planning an organization’s security architecture, there has commonly been a focus on traditional approaches like managing firewalls and ensuring systems are patched. While these are critical components of any organization’s best security practices, there have been several key areas of security planning that have been overlooked. One such area of planning is the issue of password hygiene and account …
Multi-factor authentication (MFA) requires several elements in order to function as real security for your data systems. Each factor in a multi-factor system must be appropriately protected because malicious actors can take advantage of a weak link to dismantle your protection. In part one of our series on the vulnerabilities of multi-factor authentication, we talked about the social engineering tactics …
Reports, op-eds, and documentaries point out that many 2020 pandemic-prompted changes are likely here to stay. From contactless takeout food delivery to the widespread adoption of virtual meetings, the disruption of COVID caused many technological and digital shifts for organizations. According to recent information from PWC, which surveyed businesses cross-industry, CEOs plan to make their companies more digital and virtual. …
Our digital world is reliant on passwords and will be for a long time. As the pandemic forced almost all aspects of life online, protecting privacy and staying safe on the web has become a time-sensitive and growing issue. Passwords have a terrible reputation as the weak link in our approach to cybersecurity in many areas. However, the reality is …
All Hands on Deck The average person is familiar with the idea of security systems at large organizations: key cards, security guards, and ID badges. Similarly, we have a grasp on some small-scale home security: motion-detecting lights, home cameras, and our physical locks and keys. What we haven’t come to terms with is that the digital landscape. It isn’t the …
Over the last few years, Multi-Factor Authentication (MFA) use has become more common across industries. Having MFA associated with your phone number feels comforting, but it’s also plagued by hackers looking for new methods of attack. If you are holding your phone, is it safe to get a text with a confirmation code sent to your device? Hackers have ways …
Many people are feeling hopeful in many areas about receiving their COVID vaccine. A welcome shift from the uncertainty and confusion of the last year. But there are now new challenges to be faced. Among them, the discussion of requiring a vaccine or immunity passport for individuals to take part in activities like international travel, as well as more minor …
We seem enamored with the idea of a ‘passwordless’ society. Not just because it would be an indicator of secure networks, but because trying to keep track of tens of unique, complex passwords is not ideal. There has been plenty of industry and media buzz around the concept of passwordless authentication strategies. Particular attention is paid to strategies like biometrics—which …
Each month that passes, the cybersecurity industry continues to struggle with new hacking techniques, rapidly evolving threats, and how to communicate the severity of the issues to organizations. One problem that can’t necessarily be solved by cybersecurity professionals is the broad category of ‘human error’. In his IT Toolbox article, Josh Horwitz (COO of Enzoic) discusses whether or not Artificial …
How School Districts can defend themselves from increased cyberattacks. While there are changes for each generation of students to experience, it’s safe to say that the impact of the pandemic on the scholastic world in 2020 was dramatic and immediate. The transition from in-person classes to web-based learning was startling for everyone, but especially K-12 students because of the rigid …
