passwords

Protecting PingFederate® Users with RSA SecurID® Access

It’s 10 o’clock. Do you know where your users are? Believe it or not, there was once a time when this question was easy to answer. If “Steve” was logged into the corporate network, there was a very high-level of certainty you would find him sitting in his cube, on the 4th floor of building…

Protecting VMware Workspace™ ONE™ Users with RSA SecurID® Access

While 1999 brought us the Breitling Orbiter 3, Warner Bros. sci-fi thriller “The Matrix,” and Britney Spears mega-hit “Baby One More Time,” it was also a banner year in cybersecurity. During the last twelve months of the millennium, we witnessed the advent of Microsoft’s Windows 98 release, the arrival of the American Express “Blue” card…

Chances are your account has been breached

When it comes to protecting personal data, there are three types of people in the world: Those who go to great lengths to protect their personal information, using unique passwords and trying to remain un-breached. Those who are ignorant or ambivalent to the impact of breaches and the personal security risk they entail. Those who…

New Survey: Consumers Increase Security Expectations in Wake of Password Breaches

Several years ago, I was talking to an organization which had recently deployed risk-based authentication on its online customer portal. Based on their business model, I was especially curious to learn why they had selected to add consumer authentication to their website.  The answer was simple, “It is a competitive advantage for us.” Fast forward…

Your Cell Phone has a dirty little secret it does not want to tell you

If you are a fan of the CBS Show 60 Minutes  you may have seen a couple of well-done episodes around the espionage and intrigue of spies hacking cell phones. The problem is that these episodes don’t go far enough informing the average user as to the extent of the vulnerabilities. Inter-telco communications leverages a protocol…

Act at the Speed of Fraud: Take the Challenge

How fast can you find fraud?  That is the challenge put forth by the RSA Fraud & Risk Intelligence team at RSA Conference 2017. Why the emphasis on speed? Simply put, the faster an organization can isolate the source of fraud, the faster they can respond. And based on RSA’s research, there is a gaping…

Credential Checking Services Soar in Popularity on Dark Web

If you’ve ever needed another reason to not recycle your passwords, I give you Sentry MBA. Although the tool has been around for a couple of years, it has recently been soaring in popularity among those in the fraud community which is no surprise with more than 1.5 billion consumer credentials breached so far this year. The…

The Perils of Consumer Single Sign-On

From social media to gaming sites, every headline of a new breach makes me groan, “Time to change my password.”  It’s a begrudging task, but I still have not been pwned.  Aside from the risks associated with the common problem of password recycling among consumers, there are far too many online websites that enable consumers…

Account Takeover Gains Full Visibility with Web Behavior Analytics

Interest in and adoption of web behavior analytics is surging because of its ability to interpret the navigation and intent of each visitor to the website and as one of the best ways to protect the business against the skyrocketing rates of website fraud.  Account takeover is one of the predominant threats plaguing organizations with…

Wearables leaking your passwords? We can solve that.

Recently, I wrote about  a newly published white-paper showing the power of wearable devices to help determine if users are who they claim to be, on a continuous basis. The paper describes a method, which in part relies on correlating a user’s gestures and movement on 2 devices in proximity of each other: The user’s…