Filter By:

Recent Blogs & Podcasts



December 18, 2017 | Password Management
By Aaron Turner, IANS Faculty

 Choose an Effective Password Manager

Consumer-grade password management options abound, but can any of them be considered enterprise-grade? In this Ask-an Expert written response, IANS Faculty Aaron Turner says no password manager can replace an effective federated identity strategy, although they can help with certain enterprise use cases. 

Read More »

December 14, 2017 | Security Policies and Strategy
By Marcus Ranum, IANS Faculty

 Communicate Cybersecurity Vulnerabilities Effectively

Communicating cybersecurity vulnerabilities to customers can sometimes feel like more of an art than a science. In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum offers a clear blueprint for communicating effectively to ensure customers are protected and the organization does not face undue risk.

Read More »

December 13, 2017 | IT Asset Disposal (ITAD)
By Chris Gonsalves, IANS Director of Technology Research

 Trash Talk: Addressing the Security Menace Lurking in Old IT Assets

Every IT department has a dirty little secret: closets filled with old, unused gear that pose significant risk to the organization. In this webinar, Chris Gonsalves looks at the perils and security implications of improperly disposing end-of-life IT assets and discusses responsible, appropriate methods of equipment wiping, destroying, recycling and repurposing with an eye toward reducing risk and ensuring data confidentiality and integrity.

Read More »

December 13, 2017 | DevOps Organization and Strategy
By Shannon Lietz, IANS Faculty

 Secure DevOps Requires Focus on Components and Developer Responsibility

Determining where, when and how to scan for vulnerabilities within a DevOps environment isn't straightforward. In this Ask-an-Expert live interaction, IANS Faculty Shannon Lietz recommends focusing early in the process to create secure components, while also fostering a culture where developers take responsibility for the security of their own code.

Read More »

December 11, 2017 | Security Policies and Strategy
By Dave Shackleford, IANS Faculty

 Create a Practical, Scalable Cloud Policy

As organizations start moving quickly to the cloud, getting the right cloud governance structure in place becomes paramount. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford provides key considerations, sample language and optimal processes for ensuring your cloud policies will be workable both today and over the long term.

Read More »

December 7, 2017 | Big Data
By Josh More, IANS Faculty

 Unified Data Management (UDM): A Primer

Before deploying UDM, it's important to understand what it is - and what it isn't. In this Ask-an-Expert written response, IANS Faculty Josh More provides an overview of the UDM market, including top features to look for and the capabilities of newer as-a-service offerings. He also explains why having a good level of data control is a prerequisite for UDM success.

Read More »

December 5, 2017 | Authentication
By Rich Guida, IANS Faculty

 9 Options for Phone-Based Customer Authentication

With the Equifax breach, many organizations are rethinking their use of customer Social Security numbers as a means of authentication. In this Ask-an-Expert written response, IANS Faculty Rich Guida details nine different options for authenticating customers via the phone, but underscores that none are secure enough to be used in isolation.

Read More »

November 30, 2017 | Risk Management
By Mark Clancy, IANS Faculty

 GRC Alternatives: Evaluating the Vendor Landscape

Whether they focus on integrated risk management or security analytics and reporting, alternatives to more comprehensive GRC tools abound - but how well do they stack up? In this Ask-an-Expert written response, IANS Faculty Mark Clancy examines the broad vendor landscape and offers some tips for choosing the solution that best fits your needs.

Read More »