Filter By:

Recent Blogs & Podcasts

30 Results for: "Michael Pinch"

 



September 26, 2017 | Authentication
By Michael Pinch, IANS Faculty

 Determine the Best MFA Fit: Duo vs. Azure

When it comes to deploying effective multifactor authentication (MFA) across a large user enterprise, success depends on matching the MFA solution to your operational strategy. In this Ask-an-Expert written response, IANS Faculty Michael Pinch provides a functional comparison of both Duo and Microsoft Azure MFA in terms of security, channels, ease of use and ease of enrollment.

Read More »


September 8, 2017 | Data Classification
By Michael Pinch, IANS Faculty

 Data Classification: Design for the Human, Enforce with Technology

Data classification policies can be difficult for end users to interpret, leaving organizations open to data leakage issues and more. In this Ask-an-Expert live interaction, IANS Faculty Mike Pinch details the importance of creating human-friendly policies and ensuring employee awareness but also backstopping the process with layered technology solutions such as DLP and DRM. 

Read More »


August 16, 2017 | Security Awareness, Phishing, Social Engineering
By IANS Faculty, IANS Faculty

 Poll: Does Tagging External Email Promote Awareness?

With phishing and email spoofing attacks on the rise, many organizations are considering tagging all external emails to raise user awareness and bolster their defenses - but is it a good idea? In this report, IANS Faculty James Tarala, Mike Pinch, Dave Kennedy and Mike Saurbaugh weigh in on the practice and offer tips for ensuring success. 

Read More »


June 8, 2017 | Enterprise and IT Compliance Management
By Michael Pinch, IANS Faculty

 5 Tips for Migrating to a New Security Framework

Changing an organization's security program alignment is never an easy task. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers five key steps to take when migrating to a new security program, with specific guidance for switching to the NIST Cybersecurity Framework. 

Read More »


May 30, 2017 | Malware and Advanced Threats
By Michael Pinch, IANS Faculty

 Top 5 Infosec Risks in Health Care and What to Do About Them

The top priorities for health care organizations today are uptime and free access to data, which means companies in this space face a number of security challenges. In this Expert Briefing, IANS Faculty Mike Pinch details the major security risks the health care industry is dealing with today - from ransomware to the Internet of Things - and offers strategies for tackling these challenges.

Read More »


March 31, 2017 | DevOps Organization and Strategy
By Michael Pinch, IANS Faculty

 Making Threat Modeling an Integral Part of the Development Process

Threat modeling is a critical part of the mature software delivery process, especially in DevOps environments, but ensuring it's integrated effectively and seamlessly can be tricky. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers some tips for inserting threat modeling into the development process, along with some key tools to consider.

Read More »


February 1, 2017 | Authentication
By Michael Pinch, IANS Faculty

 Authenticating Customers via Fingerprint Biometrics

A security team is considering using fingerprint-based biometrics to authenticate customers at its company's retail stores, but what are the pros/cons? In this Ask-an-Expert live interaction, IANS Faculty Mike Pinch details the current state of fingerprint biometrics and offers some advice for safe, cost-effective implementation.

Read More »


November 3, 2016 | Vulnerability Assessment and Management
By Michael Pinch, IANS Faculty

 Vulnerability Patching Policy Best Practices

Patching and vulnerability management can be a highly variable process depending on a number of factors, but there are some basic best practices that organizations can adhere to. In this Ask-an-Expert written response, IANS Faculty Mike Pinch details these best practices for vulnerability scanning and management, including for servers, endpoints and at the application level.

Read More »