Beyond mobile device and data security, what are the ID and access challenges facing security leaders - and how are cutting-edge organizations tackling them? CSOs Elayne Starkey and Malcolm Harkins share tips.
Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
Because managing identities is a global problem, it requires a global solution, says Paul Simmonds of the Jericho Forum. A new organization has been established to address global identity. Simmonds offers insight.
National Institute of Standards and Technology's Jeremy Grant says the government will fund pilot projects to accelerate progress toward the creation of improved, interoperable systems for secure, privacy-enhancing trusted online credentials.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
BYOD cannot be avoided - nor should it be. The benefits to organizations, including increased agility, efficiency and collaboration, are too valuable to ignore. At the same time, organizations must appropriately secure BYOD environments against threats such as malware, theft and malicious insiders.
Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
Whether by smart phone, tablet or laptop, mobile banking is where customers and their institutions are headed - and so are the fraudsters.
As banking institutions globally roll out more services through the mobile channel, security leaders are challenged to stay a step ahead of the evolving risks. But what are...