Filter By:

Recent Blogs & Podcasts



July 28, 2017 | Regulations & Legislation
By Mark Clancy, IANS Faculty

 Tackle the NYSDFS Cybersecurity Regulations

Many organizations in the banking, insurance and financial services sectors are in the process of complying with the New York State Department of Financial Services' new cybersecurity regulations. In this report, IANS Faculty Mark Clancy offers tips and key strategies for complying with the new requirements, particularly around authentication, audit logging, encryption and training/awareness. 

Read More »

July 27, 2017 | Application Development and Testing
By Davi Ottenheimer, IANS Faculty

 Standardize Docker Security

Containers remove barriers to productivity by offering a predictable infrastructure at the system level, but security details can go missing from typical container standards. In this Ask-an-Expert written response, IANS Faculty Davi Ottenheimer details three strategies for standardizing container security and offers tips for using technology to secure Docker. 

Read More »

July 26, 2017 | Password Management
By Rich Guida, IANS Faculty

 Implement a Strong Corporate Password Policy

Creating a corporate password policy can be a very complex challenge, particularly considering the fact that passwords bring with them some significant enterprise risks. In this Ask-an-Expert written response, IANS Faculty Rich Guida details the standard guidelines for password policies and offers tips for taking them to the next level. 

Read More »

July 25, 2017 | Application Development and Testing
By Josh More, IANS Faculty

 Manage the Risks of Offshore Development

Outsourcing development to offshore companies is a common consideration due to cost savings, but it can also increase risks. In this Ask-an-Expert written response, IANS Faculty Josh More outlines these risks and offers strategies for mitigating them with contractual requirements. 

Read More »

July 25, 2017 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Poulin: You Mod it, You Own It?

If your toaster catches fire because of a design defect, you can sue the manufacturer. If your computer is compromised because of a software vulnerability, that’s your problem (remember that end-user license agreement you clicked through without reading?) The Internet of Things is the intersection of products and software, and the result is a muddied liability equation.

Read More »

July 24, 2017 | Certifications and Training
By Jason Gillam, IANS Faculty

 Tips for Acing the CISSP Exam

The key to acing the CISSP exam is good preparation. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how the test is organized and scored, and offers tips on study guides, practice tests, answer strategies and more.

Read More »

July 21, 2017 | Mobile Access and Device Management
By Ken Van Wyk, IANS Faculty

 Van Wyk: Security Track Record for iPhone Not an Accident

It’s not just luck. Apple has managed to keep the iPhone (and its iOS brethren) safe from any major malware outbreak for 10 years. Building a multi-faceted security architecture that substantially raises the cost of successful attacks can be extremely effective. 

Read More »

July 21, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Full Disk Encryption: Some Keys to Success

Full disk encryption is the best way to protect data at rest, but not all implementations are equally secure. In this Ask-an-Expert written response, IANS Faculty Aaron Turner highlights key regulatory and technology issues to consider, and provides tips for getting the deployment right.

Read More »

July 20, 2017 | AppDev Frameworks
By Dave Shackleford, IANS Faculty

 Container Security Best Practices

Ensuring containers like Docker remain secure is critical, because any missed issues may end up propagating throughout an environment. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford offers some tips and best practices for deploying containers securely. 

Read More »