Many people may have been surprised by the massive Sony Pictures hack that happened late 2014, but security experts saw it coming a long time ago. In 2005, Sony received an auditing report that they were Sarbanes-Oxley (SOX) incompliant.... Read More
Will you pass a HIPAA audit?
One of the most valuable types of data is online healthcare patient data. Multiple Health Insurance Portability and Accountability Act (HIPAA) breaches in the past showed that fraudsters obtained the records and filed false claims with insurers or bought... Read More
UK spy agency wants you to ditch pointless password policies
The UK intelligence agency, the Government Communications Headquarters (GCHQ), released new password guidance in a report titled “Password guidance: simplifying your approach.” The guidance acknowledges the “password overload” problem people face when remembering multiple passwords and the difficulty in... Read More
Press release: Specops Software enhances Specops uReset® with Multi-factor Authentication Weighted Identity
New Version of Specops uReset® helps end-users understand Flexible Multi Factor Authentication. Takeaways: Weighted Identity introduced Promotes understanding and adoption of self service password reset service Montgomery County Community College reduces helpdesk calls with Specops uReset Stockholm, November 11,... Read More
Social engineering warning: watch out for that password reset call
Fake password reset calls are the new hack Service desk staff are trained to help users with password related issues gain access to their account. This makes them popular targets for hackers. According to the 2018 Verizon Data Breach... Read More
Turn mobiles into high-trust devices
Passwords have well-known drawbacks for user authentication. They are hard to remember and easy to hack. Organizations are increasingly adopting two-factor or multi-factor authentication to strengthen passwords and safeguard online information. The high-trust device in your pocket It the... Read More
Who knows the answers to your security questions?
Security questions, also known as challenge questions or secret questions, are a way to help you recover access to accounts when you forget your passwords. Security questions are meant to protect your accounts but they can actually provide hackers... Read More
Claims-Based Identity: A Better Model for Authentication
Claims-based identity is a common method used by applications to obtain identity information about a user that another application has authenticated. Claims are pieces of information about a user that have been packaged and signed into security tokens and... Read More
Using claims-based identity to achieve multi-factor authentication
Claims-based identity in real life The claims-based identity model is a secure way to authenticate users for access but understanding how the trust relationship works is key. Instead of jumping into claims, security tokens and Identity Providers let’s talk... Read More
Press release: Specops Software launches Specops uReset to deliver flexible multi-factor authentication for password resets
Specops uReset eliminates the need for security questions Many identity services and admin enrollment options increase usage Mobile handsets can be used for high-trust authentication Stockholm, April 23, 2015 – Specops Software announced today the launch of the next... Read More