We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Data Protection 



June 19, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Three Success Factors for SSH Key Management

Despite the fact that most enterprises use hundreds of thousands of SSH keys on a regular basis, few have the right pieces in place to manage them effectively. In this Ask-an-Expert written response, IANS Faculty Aaron Turner says successful SSH key management depends on three factors: strong configuration management, mature service management and effective policy management.

Read More »


May 31, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Consider Three Cloud-Ready Encryption Options

As organizations make the move to the cloud, many are realizing it's time to re-think their current encryption toolset. In this Ask-an-Expert written response, IANS Faculty Aaron Turner suggests three cloud-ready options: AWS KMS, Azure Key Vault and Gemalto.

Read More »


May 24, 2018 | Security Policies and Strategy
By Aaron Turner, IANS Faculty

 OTT Messaging Apps: Know the Risks

Over-the-top (OTT) messaging apps like WhatsApp and WeChat claim to offer top-notch privacy and security, but are they enterprise-ready? In this Ask-an-Expert written response, IANS Faculty Aaron Turner says that while such apps are actually more secure than email, they do have their downsides. He offers his recommendations, along with caveats around device, compliance and data retention.

Read More »


May 14, 2018 | Encryption, Digital Signatures, Certificates, Tokenization

 EFAIL Vulnerability Exposes Encrypted Email

On May 14, 2018, security researchers tweeted details and launched a website (efail.de) explaining how attackers could exploit “EFAIL” vulnerabilities to extract plain text from encrypted emails. The vulnerability impacts both the Pretty Good Privacy (PGP) and S/MIME methods of email encryption, which are commonly used in Microsoft Outlook. 

Read More »


April 30, 2018 | Fraud Detection
By Michael Pinch, IANS Faculty

 Use Benford’s Analysis to Ease Fraud Detection

Health insurance fraud detection is a bit outside most infosec professionals' comfort zones, but some simple analytics can help surface potential indicators. In this Ask-an-Expert written response, IANS Faculty Mike Pinch explains how to use Benford's law to surface anomalies in data sets and make uncovering potential fraud easier.

Read More »


April 26, 2018 | Fraud Detection
By Josh More, IANS Faculty

 Ensure Transactions Are Properly Vetted

While some transactions merit instant approval, others require a more stringent process to curtail fraud and keep customers secure. In this Ask-an-Expert written response, IANS Faculty Josh More explains how artificial intelligence-based tools are helping automate approvals in many cases, enabling financial institutions to reduce manual oversight while improving efficiency and security.

Read More »


April 5, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Shi, IANS Director of Web Development & Security

 Ensure Your User IDs Are Encrypted

In the wake of the Equifax breach and other high-profile incidents, organizations are enforcing encryption across all PII and passwords, but what about user IDs? In this Ask-an-Expert written response, IANS Director of Web Development and Security Aaron Shi explains why user IDs are often left in the clear and offers a simple way to bring them into the encryption fold.

Read More »


February 14, 2018 | Authentication
By Andrew Carroll, IANS Faculty

 Understanding Blockchain’s Promise for Identity Management

While blockchains were developed to solve problems very different from identity management, some vendors (and enterprises) are beginning to explore how blockchains could be used to both secure and provide more granular control over digital identities. In this report, IANS Faculty Andrew Carroll explains the pros and cons of using blockchains for identity, and provides a practical overview of the vendors addressing the space.  

Read More »