Weekly Recap #1
In an effort to get back on a regular writing schedule, I am planning to post a quick recap on one thing I learn each week. Based on the fire hose of information coming out of my SANS training, finding something new should be easy - making the time to write about it will be …
Tag: NIST
Active Directory Passwords – Who is Right?
This was originally posted as an INSIGHT for Wolf & Company, P.C. here.
Background: Cybersecurity breaches are making the news on what seems like a weekly basis. Many of these incidents involve unauthorized access to systems and data as a result of compromised user credentials. These credentials are compromised through improper storage, weak password criteria, and …
New PCI MFA Guidance
On February 9, 2017, the PCI SSC released a new Information Supplement, Multi-Factor Authentication, with the intent to aid organizations in meeting Requirement 8.3. One interesting quote in the document’s Overview: While PCI DSS Requirement 8.3 does not currently require organizations to validate their MFA implementation to all the principles described in this guidance document, these principles may …