Jimmy Kimmel Sheds Light on Password Security


Ace comedian Jimmy Kimmel, who is known for tickling our funny bones through his television shows, tried a social engineering experiment last week. Against the backdrop of high-profile cyber-security incidents, he wanted to measure how safe people’s passwords are. The show has exposed the harsh truth that despite the ever-increasing threats to information security and data privacy, people attach the least importance to password security!

In the last few days, you might have noticed this viral video on social media. If you haven’t watched it yet, here is the link:

This video should serve as an eye-opener to all of us, especially to those in the IT community. While at the individual level, people tend to us…

Code Spaces AWS Security Breach: A Sad Reminder of the Importance of Cloud Environment Password Management


At the recently concluded Black Hat USA 2014, one of the topics that drew much attention was the session on the pitfalls in cloud environment security. Normally, such deliberations at security conferences are perceived as hypothetical or purely academic. However, it was different this year, with security professionals becoming quite interested in this topic. The reason for this is quite obvious: just a while ago, CodeSpaces.com, a code-hosting and collaboration platform, went out of business for a whole day because hackers gained access to their Amazon EC2 control panel and deleted data of hundreds of their customers.

According to Code Spaces, the worst security breach started off as …

Passwords, King of Authentication: Long Live the King!


This post is a reproduction of an article I wrote that was originally published in Business Computing World.


“When you play the Game of Thrones, you win or you die”. One thing that we have learnt from the popular TV show and books is that no one is safe on the throne for long before a younger, stronger, and more entitled claimant comes along to throw you off.

In the authentication battle, passwords have been ruling the kingdom for centuries with methods going back as far as 700 BC when the Spartan military used encrypted scytales to send sensitive missives during war. Despite the historical use of passwords, the overthrowing of this form of authentication has been predicted and heralded for some time now.

I…

Why MSPs Should Take Extra Care in Managing Client Passwords


Passwords on spreadsheets put client networks at risk, along with Managed IT service providers’ credibility and trustworthiness.


Managed IT Service Providers (MSPs) deliver a variety of IT and network management services to their clients. In particular, small and medium organizations are increasingly relying on MSPs to manage part or all of their IT services. Why? Because MSPs can help such organizations by saving costs, offering outside expertise, and meeting business demands quickly, among other critical points. Usually, tasks such as software development, network management, IT infrastructure management, customer support, and data center management are outsourced to MSPs.

MSPs t…

Fully Controlled and Closely Monitored Remote Access, a Critical Aspect of DCIM


Without proper data center remote access management, administrators invite security issues and waste time. 


With more organizations adopting cloud computing and virtualization, data center operations have been proliferating across the globe. This trend creates multiple challenges for data center administrators in IT organizations. These admins need to ensure not only performance and resource utilization, but also data security.

Usually, data centers are located in strategic sites due to factors such as physical security, climatic conditions, environmental factors, and availability of telecommunications and networking facilities. Because keeping the IT workforce at the data centers…

The Heartbleed Bug: How to Mitigate Risks with Better Password Management

As the dust begins to settle down on the Heartbleed bug, it is time to critically assess the password management practices in your organization. After all, pass…

Will passwords become obsolete soon?


Will passwords soon become a thing of the past? Have they already become obsolete? This is perhaps one of the most prominent topics under discussion in the technical media these days.


A couple of weeks ago, Forbes.com published a story about the probable public launch of U2F (Universal Second Factor) – a new form of authentication by Google in alliance with Yubico. Through U2F, Google wants to help move the web towards easier and stronger authentication, where web users can own a single easy-to-use secure authentication device built on open standards, which works across the entire web. Media reports following the story have fuelled wild speculations that traditional passwords will soon …

PCI-DSS 3.0: The Stress on Password Protection & Security [Part-2]


[In the previous post, we briefly discussed the requirements proposed for PCI-DSS 3.0. In this post, we’ll discuss the requirements in depth.]

When a customer presents a payment card to a merchant at the point of sale, a chain of operations is triggered in the background. The request-approval process happens across software applications, wireless devices, firewalls, routers, switches, storage devices, telecommunication systems, and a host of other applications. Therefore, your data’s security is directly dependent upon the security of all these devices and applications.

Although several authentication mechanisms are emerging, passwords are still the most prominent mode of authenticatio…

PCI-DSS 3.0: The ‘Security Path’ to Compliance


Security and compliance are often used synonymously, even by techies. You can ensure compliance by remaining secure; but mere compliance with certain rules and regulations does not necessarily mean your network is ‘absolutely’ secure.

Many organizations, including some of the world’s prominent enterprises, have faced IT security breaches and compromises despite remaining fully compliant with numerous regulations. As organizations embrace new technologies, new threats emerge as well. So, it’s obvious that security is an ongoing activity that requires constant attention.


Among the various compliance regulations the Payment Card Industry (PCI) Data Security Standard (DSS), popu…