For Security & Risk Professionals

Case Study: Baker Tilly Virchow Krause Builds Trust With Strong Authentication

Customer Data Is Accessible Yet Safe Whether Users Are Connected Or Not

by Bill Nagel, November 16, 2009

Matt Jennings at Baker Tilly Virchow Krause needed to overhaul the accounting and advisory firm's security processes and technologies to ensure ongoing regulatory compliance and customer confidence. Replacing the company's use of a single password as . . .

For Security & Risk Professionals

Case Study: The Smart Card Is King At Deloitte Ireland

A Multifunctional Authentication Credential Is Now Integral To Employees' Daily Lives

by Bill Nagel, July 23, 2009

John Gray at Deloitte Ireland had a vision for a multifunctional second-factor authentication credential that would not only address the company's need to better protect its data, network, and facilities but also become a positive aspect of the firm's . . .

For Security & Risk Professionals

Best Practices: Implementing Strong Authentication In Your Enterprise

Kill Two Birds With One Token

by Bill Nagel, July 23, 2009

The adoption of strong multifactor authentication (MFA) is on the rise. It's often the first port of call on the journey to a fuller identity and access management implementation; MFA directly addresses the password problem, which is a well-known and . . .

For Security & Risk Professionals

IT Security's Critical Role During Layoffs

How To Safeguard Company Data In Difficult Times

by Andrew Jaquith, July 2, 2009

The Gateway Recession of 2009 has brought the prospect of slowing sales and profits — and job losses. Although layoffs are never desirable, they are often necessary. Much of the responsibility for keeping company data safe during layoffs falls to security . . .

For Security & Risk Professionals

Identity And Access Management Adoption In Europe: 2008

by Bill Nagel, April 16, 2009

Interest in and adoption of identity and access management (IAM) technologies has been growing steadily over the past few years, fueled both by the desire to streamline processes relating to employee, contractor, partner, and customer access to company . . .

For B2B Market Research Professionals

Healthcare Identity And Access Management  (398 KB PPT)

by Eric G. Brown, March 31, 2009

Earlier in the decade, HIPAA compliance was driving security and identity access management. The current drivers are now coming directly from the business goals to improve operations and enable clinical access.

For Security & Risk Professionals

Case Study: Unisys Takes Its Own Authentication Medicine

Systems Integrator Chooses An Integrated Credential To Solve Global Physical And Logical Access Challenges

by Bill Nagel, October 21, 2008

Unisys is a large and diversified systems integrator with operations worldwide. In recent years, the firm has seen its global workforce become increasingly mobile. At the same time, techniques to defeat passwords have become more sophisticated, eroding . . .

For Security & Risk Professionals

A US National ID Begins To Take Root

WHTI, EDL, And REAL ID

by Geoffrey Turner, July 21, 2008

In the aftermath of the Al Qaeda attacks on 9/11, the US government realized that the lack of effective identity credentials for use in domestic air travel was a contributing factor in the attacks' effectiveness. Several initiatives have since been launched . . .

For Security & Risk Professionals

Market Overview: Strong Authentication For Enterprises In 2008

Securing The Doors To Your IT Environment

by Bill Nagel, July 16, 2008

Security professionals have long known that passwords are no longer sufficient to act as the sole means of gatekeeping access to enterprise network and data resources. Increasingly, they're putting that knowledge into action: More than half of the enterprises . . .

For Security & Risk Professionals

Biometrics: State Of The Art And Future Implications

by Geoffrey Turner, May 12, 2008

Biometrics has matured to the point where several technologies have been internationally standardized and incorporated into major international and national identity verification implementations across both the public and private sectors. Because these . . .

For Security & Risk Professionals

Topic Overview: Identity And Access Management

by Andras Cser, April 14, 2008

Identity and access management (IAM) is the entire aspect of maintaining a person's complete set of information, spanning multiple identities and establishing the relationship among these various identities with the goal of improving data consistency, . . .

For Security & Risk Professionals

Extending Mobile Identity Beyond Authentication

Banks, Mobile Operators, And Vendors Team Up For SIM Card-Based Security

by Bill Nagel, April 11, 2008

With mobile phones reaching saturation levels in many countries, banks and other service providers are taking a second look at providing financial and commercial services over the mobile channel. Mobile banking and PKI both flamed out spectacularly in . . .

For Security & Risk Professionals

Government eID Projects Need Private Sector Initiative And Support For Broader Success

A Look At Europe's Experience With PKI-Enabled National ID Cards

by Bill Nagel, April 7, 2008

To date, at least 12 European countries have either developed or rolled out national electronic citizen IDs (eIDs) based on a government-created and -managed public key infrastructure (PKI) or are in the process of doing so. National governments intended . . .

For Security & Risk Professionals

Case Study: 1 Million Strong For Absa

Rapid Response, Decisive Action, And Forward Thinking Add Up To Mobile Authentication Success

by Bill Nagel, January 31, 2008

In 2003, the South African bank Absa Group faced a big obstacle: It was the victim of one of the first major phishing attacks on Internet banking that the country had seen. Up to that point, account numbers and PINs had sufficed to safeguard customers' . . .

For Security & Risk Professionals

Mobile Authentication Marries Security With Convenience

A Token-Killing Form Factor For Secure Consumer Online Banking

by Bill Nagel, November 16, 2007

Financial institutions seeking to expand their online and mobile banking offerings to their entire customer base face the age-old challenge of balancing security with usability. Many banks feel trapped: Fail to implement strong authentication and incur . . .

For eBusiness & Channel Strategy Professionals

Online Banking Holdouts Still Want Security Guarantees

European Net Users Want Security Guarantees And Incentives To Bank Online

by Benjamin Ensor, June 21, 2007

Some 84 million European Net users who could bank online don't do so. Only one-third of these online banking holdouts say that nothing would persuade them to adopt online banking. The remainder say that a mix of security guarantees and financial incentives . . .

Do You "Remember Me"?

Improving Automatic Sign-In Enhances Convenience

by Zayera Khan, December 26, 2006

Consumers sign into Web sites using usernames and passwords on a daily basis. Many sites have enhanced the sign-in process with "remember me" functionality. But with consumers using multiple computers regularly, this function introduces privacy and security . . .

For Security & Risk Professionals

Retail Security Priorities In 2006: It's A Jungle Out There  (555 KB PPT)

by Laura Koetzle, July 6, 2006

Sophisticated gangs of identity thieves victimize consumers in much of the Americas, as well as in the UK and Australia. For example, US citizens reported more than 250,000 cases of identity theft in 2005. All of this has resulted in a bewildering patchwork . . .

The State Of FFIEC Compliance: Indecision And Worry

But Consolidation Will Bring Clarity To The Industry's Ultimate Direction

by Jonathan Penn, May 5, 2006

At the half-way point toward the deadline for FFIEC compliance, most banks have not yet acted on selecting, much less implementing, solutions to strengthen online authentication. When it comes to picking a technology to improve online security, banks . . .

VeriSign Goes VIP

A Good Alternative, But Not The Consumer Authentication Panacea

by Thomas Raschke, April 7, 2006

VeriSign recently introduced its VIP service, which includes both a shared two-factor authentication service and a fraud detection service. While the concept is not new, its non-proprietary approach nevertheless holds the potential to provide simple, . . .

Trends 2006: Online Banking Retail Customer Authentication In Europe

by Martha Bennett, March 6, 2006

European banks are continually reviewing the way they authenticate their retail online banking customers and the transactions they make, and many of them are seeking to strengthen existing mechanisms. The approaches banks are taking vary widely, and reflect . . .

RSA Broadens Positioning With Cyota Acquisition

by Jonathan Penn, January 27, 2006

With the purchase of Cyota, RSA Security will be able to capitalize on the efforts of banks — especially those within the US — to enhance online security. Cyota's lightweight customer authentication solution will also help RSA broaden its positioning . . .

Online Banking Security: Give Customers More Control And Reassurance

by Martha Bennett, January 4, 2006

In their approach to security, many banks fail to take into account one key ingredient that is required for online banking to be successful: the customer. Most current online banking environments miss critical elements that serve to reassure the customer . . .

FFIEC Tells Banks To Formally Assess Fraud Risk

No Specific Requirement That Banks Adopt Strong Authentication

by Jonathan Penn, October 25, 2005

The Federal Financial Institutions Examination Council (FFIEC) issued new guidelines on online authentication, acknowledging that passwords are insufficient as the sole means of security. The new guidelines do not mandate any specific technology, but . . .

Pharma Won't Meet ePedigree Deadlines

RFID Delays Point Pharma To Authentication Stepping Stone

by Laura Ramos, September 21, 2005

Manufacturers, distributors, and life sciences technology providers are struggling to overhaul their drug tracking practices before regulators mandate more expensive and unwanted solutions starting in mid-2006. However, Forrester's research also shows . . .