Subscribe
Blog / Podcast Readers
NEWSGATOR YAHOO
BLOGLINES ITUNES
DEL.ICIO.US DIRECT RSS

Topic: Access Policy

SMS or Not to SMS – Why Should I Care?

by Mischel Kwon on 1/22/2010
Topics: Access Policy | Authentication | Government Policy | Identity Protection | Man in The Middle | Mobile Devices

When you say M06-16 to any government IT or security professional they all know you’re talking about two-factor authentication for any remote access.

Continue Reading

VPN Man-in-the-Middle Attacks: Fact or Fiction?

by Mischel Kwon on 12/7/2009Comments [1]
Topics: Access Policy | Authentication | Government Policy | Identity Protection | Man in The Middle

It seems that just as we move forward in securing our networks, we take two steps back. Or do we?

In 2006, the Office of Management and Budget (OMB) required two-factor authentication and VPN technology through the M-06-16 memo. Departments and Agencies moved quickly to deploy both two-factor authentication as well as VPN technology.

Continue Reading

Speaking of Security Podcast #151

by Podcast Producers on 6/22/2009
Topics: Access Policy | Collaboration | Data Loss Prevention | E-Security | Insider Risk | Podcasts | Risk | Software Security

Click to Download/Listen

Roland Cloutier, VP and CSO of EMC joins us on this week's Speaking of Security podcast.

Continue Reading

Speaking of Security Podcast #147

by Podcast Producers on 5/11/2009
Topics: Access Policy | Government Policy | Podcasts | RSA Conference | Usability

Click to Download/Listen (14:00)

This week's Speaking of Security podcast presents a lively conversation with Shannon Kellogg, Director of Information Security Policy for EMC's Office of Government Relations on security related activity in Washington, DC.

Continue Reading

RSA Answers the Call To Arms

by Sam Curry on 4/27/2009
Topics: Access Policy | Data Loss Prevention | Encryption | Software Security

In Art’s keynote last week at RSA Conference, he made a clear call to the industry.  We have to be more organized, more coordinated and more collaborative than either the enemy or than the industry has a history of being.  Art had three calls to action:

  1. Integrate and Interoperate
  2. Create and Adopt Standards
  3. Share Technology

Continue Reading

Speaking of Security Podcast #129

by Podcast Producers on 11/17/2008
Topics: Access Policy | Identity Protection | Podcasts

Click to Download/Listen (08:34)

This week's Speaking of Security podcast features an on-the-scene report from the Gartner Identity and Access Management Summit, one of the key shows on the security event calendar. The Summit was held last week in Orlando, Florida.

Continue Reading

Password Expiration: Like Margarine and Water?

by Dr. Ari Juels on 5/29/2008Comments [2]
Topics: Access Policy | Authentication

We often swallow ideas that we needn't or shouldn't. Take the onetime urging of nutritionists to substitute margarine for butter in the cause of cardiovascular health. When this advice was first circulating, most margarines contained high quantities of trans fats, concoctions that have turned out to be so harmful - to the heart, among other things - that they are now banned in restaurants in NYC. Similar dogma applies to the advice to drink eight eight-ounce glasses of water a day for overall good health. Everyone knows the advice. But no one seems to know where the 8x8 rule comes from or if it is good or bad. So what pieces of conventional wisdom in computer security are like margarine and the 8x8 water doctrine? I'd hold forth password expiration as a prime candidate.

Continue Reading

RSA FraudAction Research Lab

Blog

Eric Baize: Software Security Assurance Blog

Blog

Sam Curry

Blog

Todd Graham: Deconstructing Governance, Risk and Compliance

Blog

Dr. Ari Juels

Blog

Shannon Kellogg

Blog

Mischel Kwon

Blog

Uri Rivner

Blog

Paul Stamp: Token Security Guy

Blog
Securing Virtualization Bloggers

Securing Virtualization Blog
Follow RSA on Twitter
BLOGS
Speaking of Security:
About|Contact|Disclaimer
Date:

Topics:

Access Policy : 7
Authentication : 43
Business Continuity : 12
Cloud Security : 15
Collaboration : 7
Compliance : 93
Data Loss Prevention : 26
E-Security : 79
Encryption : 35
Government Policy : 90
Healthcare : 4
Identity Management : 8
Identity Management : 5
Identity Protection : 107
Insider Risk : 12
Man in The Middle : 14
Mobile Devices : 8
Online Fraud, Fraudsters : 96
Other : 42
PCI : 41
Phishing : 42
Podcasts : 171
RFID : 11
Risk : 44
RSA Conference : 36
Securing Virtualization : 9
SharePoint : 2
SIEM : 26
Software Security : 36
Standards : 20
Strategy : 48
Usability : 5
Virtualization : 18
© 2010 RSA Security. All rights reserved | Privacy | Legal | Site Map

RSA, The Security Division of EMC, provides Secure Data, Compliance, SIM, SEM, SIEM, PCI, Consumer Identity, Two-Factor Authentication, Custom Applications, Consulting, Assessment, and other security solutions and services to over 90% of the Fortune 500.
 
Access Control |  Authentication and Identity Assurance |  Credential Management |  Data Loss Prevention |  Data Encryption and Key Management |  Fraud Prevention |  Security Information and Event Management |  Log Management |  IT Compliance |  ISO 27002 Compliance |  Information Risk Management for Financial Services |  Payment Card Industry Data Security Standard | 
 
RSA Access Manager
RSA BSAFE
RSA eFraudNetwork
 RSA Data Loss Prevention
RSA Consumer Solutions
RSA FraudAction
 RSA Digital Certificate Solutions
RSA Encryption/Key Management
RSA Enterprise Data Security
 RSA enVision
RSA SecurID
RSA Smart Cards

 RSA Federated Identity Manager
RSA Adaptive Authentication