Archive for the ‘security’ Category
A few weeks ago I attended a summit on advanced persistent threats (APTs)[1] run by one of the major security vendors. So that people could speak freely there it used Chatham House Rules, so sadly I can’t attribute the piece of insight that I’m going to share here. About five or six years ago I wrote a security monitoring […]
Filed under: security | 1 Comment
Tags: APT, cones, eye, eyeball, monitoring, MSSP, rods, security, SEM, SIEM, sim, SOC
It’s time for another one of those posts where the purpose is to save me from repeating myself, and also hopefully seed some ideas into the industry. I take inspiration from my recent purchase of some Vibram Five Fingers, which I hope to review here another day. It boils down to this – I see […]
Filed under: identity, security | 1 Comment
Tags: account, audit, break glass, entitlements, idm, portal, provisioning, review, self service, service, system, technical
The wrong sort of radio
This post is about the madness of corporate web filters in the age of ubiquitous consumer devices with Internet connectivity. I typically see three types of connectivity in any given corporate setting: The company network. Usually wired, but sometimes with a wireless adjunct, this network offers the same liberty as an oppressive Middle East regime[1]. This […]
Filed under: security, technology | 5 Comments
Tags: 3G, data, filter, filtering, HR, mobile, policy, security, social, time, web, wifi
Social Documents
Document management sucks! There – I said it. I challenge you to prove me wrong. I haven’t yet found a document management system (DMS) that’s fit for purpose, and I think I know why. It’s not about the technology. Documentum might hark from the client server era, and Alfresco trumps that with its SOA, but […]
Filed under: e2.0, security | 4 Comments
Tags: annotation, attribute, bookmark, dms, document, document management system, DRM, e2.0, enterprise 2.0, file, folder, role, search, security, social, social object, tag, tagging, tags
3D (in)Secure
It’s not news that the 3D Secure system that gets branded as ‘Verified by Visa’ is a steaming pile of something that should be scraped off shoes rather than presented on screens. Ben Laurie was the first serious voice of dissent (that I noticed), but then along came Ross Anderson and Steven Murdoch to ensure […]
Filed under: could_do_better, security | 2 Comments
Tags: 3D Secure, additional cardholder, cardholder not present, CNP, credit, credit card, joint account, liability, payments, phishing, security, Verified by Visa
Digital 9/11
This post is probably going to get me into trouble, but this stuff needs saying. There’s been a sudden outburst of sanity today about this topic, so I feel obliged to throw in my 2¢. A few weeks back I heard somebody say that we hadn’t yet seen a ‘digital 9/11’. I think what they […]
Filed under: security | 2 Comments
Tags: 9/11, cyber, intelligence, movie plot, response, security, terrorist
The MAC hullabaloo
Kim Cameron has had lots of interesting things to say over the past few days about the security and privacy implications of harvesting MAC addresses in the wake of Google being somewhat caught out with their activities in this area. Today though he has a piece where I think he’s crossed over the Chicken Little line. In […]
Filed under: identity, security | Leave a Comment
Tags: cardspace, information card, Kim Cameron, MAC, MACs, privacy, security, streetview, wifi
A little while ago I put out a plea for stronger authentication for Google Apps, and it seems that my wish has been granted with Tricipher launching their myOneLogin for Google Apps[1]. I had tried myOneLogin before, and frankly wasn’t too impressed. This time things are different though, the issues I’d seen before with Chrome compatibility and […]
Filed under: identity, security | 2 Comments
Tags: authentication, google, identity, saas, security, strong authentication, tricipher, verisign, vip
Two wishes granted – an API for XACML, and OpenID from Google Apps. Wish three – strong(er) authentication for Google Apps to make SaaS more secure.
Filed under: identity, security | 1 Comment
Tags: directories, google, identity, idm, ldap, ldif, OpenID, saas, security, strong auth, strong authentication, twittergate, xacml
Something needs to be figured out so that users can’t pwn censorship rights over networks where the admins have been smart enough to choose a ‘better’ DNS service, but not smart enough to take active control over its management.
Filed under: security | 2 Comments
Tags: censorship, OpenDNS, pwnage