Filter By:

Recent Blogs & Podcasts



March 29, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Choosing the Right MFA and PKI Solution for a Complex, High-Security Environment

Leveraging multi-factor authentication (MFA) and public key infrastructure (PKI) across a large organization with multiple domains and trust levels can get complicated fast. In this Ask-an-Expert written response, IANS Faculty Aaron Turner goes over all the options and offers advice for minimizing cost, effort, lifecycle management and security issues.

Read More »

March 28, 2017 | Mobile Access and Device Management
By Aaron Turner, IANS Faculty

 Geo-blocking Certain Mobile Device Functionality

Since high-capability mobile devices were first introduced, enterprises have wanted to deploy controls to limit the use of certain functions on these devices in sensitive locations. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details the two major components of a comprehensive smartphone security control system and describes the process for implementing them. 

Read More »

March 27, 2017 | Certifications and Training
By David Kolb, IANS Faculty

 Get What You Need: Hints and Tips for Negotiation

Information security professionals are involved in negotiations every day, whether it's working with software developers to adopt safe coding practices or selling employees on mobile device management. In this report, IANS Faculty David Kolb and Chief Research Officer Stan Dolberg detail the process of negotiation and persuasion within an organization and offer specific examples to help infosec professionals understand the dynamics at play and get to a result that's beneficial to all parties. 

Read More »

March 24, 2017 | Directory Services
By Rich Guida, IANS Faculty

 Managing Terminated Active Directory Accounts

Managing AD accounts for terminated employees can become complex and confusing, especially as organizations evolve over time. In this Ask-an-Expert written response, IANS Faculty Rich Guida details best practices for managing terminated accounts to meet application, audit and regulatory requirements, and offers recommendations for easing the process.

Read More »

March 22, 2017 | Vendor and Partner Management
By Josh More, IANS Faculty

 Setting Requirements for Vendors Storing Sensitive Data

Vetting and managing vendors has become increasingly important for organizations in recent years, particularly for those that are storing, processing or transmitting sensitive data. In this Ask-an-Expert written response, IANS Faculty Josh More walks through a simplified approach to assessing, qualifying, classifying and verifying vendors to ensure they can be trusted to handle sensitive data. 

Read More »

March 22, 2017 | Mobile Access and Device Management
By Aaron Turner, IANS Faculty

 Enterprise Mobility: Defining a Security Strategy

Enterprises today are on their third generation of mobile technologies, and each iteration has had its own unique challenges. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details some of the highest-impact risks organizations face in the mobility space today and offers some maturity-specific approaches companies can take to combat these risks. 

Read More »

March 20, 2017 | Vendor and Partner Management
By Kevin Beaver, IANS Faculty

 Beaver: Taking Responsibility for Vendor Product Security

At the end of the day, you can't blame poor security and the subsequent incidents and breaches on someone else. Rather than more finger-pointing, regulation and red tape, let's have the discipline to do what's right and take the proper steps to reasonably lock things down – even if it's someone else's product.

Read More »

March 16, 2017 | Embedded Systems and Internet of Things
By Aaron Turner, IANS Faculty

 Balancing Business Benefits with IoT Dangers

Some say IoT stands for Internet of Threats, but businesses and consumers are rushing headlong into the adoption of everything from wearables to smart buildings. In this report, IANS Faculty Aaron Turner examines the enterprise risks of IoT and explores defensive tactics to help build a short- and long-term strategy to effectively and securely employ IoT technology. 

Read More »

March 15, 2017 | Team Structure and Management
By Adam Ely, IANS Faculty

 Revamping the Security Organization

Every enterprise is different, as is the makeup of just about every security team. Are there any best practices for creating the ideal security organization? In this Ask-an-Expert live response, IANS Faculty Adam Ely offers some strategies for reworking the security organization to gain better alignment, agility and effectiveness.

Read More »