access control
The critical role of authorization in safeguarding financial institutions
According to a recent Cost of Data Breach report, the financial industry has the second highest average cost for a data breach, making the value well worth financial …
3 ways to strike the right balance with generative AI
To find the sweet spot where innovation doesn’t mean sacrificing your security posture, organizations should consider the following three best practices when leveraging AI. …
The power of passive OS fingerprinting for accurate IoT device identification
The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased …
Adapting authentication to a cloud-centric landscape
In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote …
Google Workspace: New account security, DLP capabilities announced
New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration of …
Data privacy vault: Securing sensitive data while navigating regulatory demands
In this Help Net Security interview, Jean-Charles Chemin, CEO of Legapass, provides insight into the correlation between maintaining customer trust and protecting sensitive …
5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
A common user mistake can lead to compromised Okta login credentials
Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those …
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to …
Purpose-based access control: Putting data access requests into context
Access control is the heart of data protection. Striking the right balance between easy access and tight security isn’t easy, but getting it right is how you maintain business …
There is no secure critical infrastructure without identity-based access
Organizational security strategy has long been defined by an internal perimeter enclosing all a company’s information in a single secure location. Designed to keep external …
How complicated access management protocols have impacted cloud security
During AWS re:Inforce, Amazon executives emphasized how important access control is when it comes to cloud security and why IT leaders need to ask who has access to what and …