Access Control

Access Control news, information, and how-to advice

SDS still young, but very much on the rise

Offering increased protection and a simplified approach, software-defined security is shaping up to be the next big thing in IT security


Fear the golden ticket attack!

Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please

IBM buys access control and identity management firm CrossIdeas

With CrossIdeas, IBM is gaining auditing tools for policing segregation-of-duties violations across disparate systems

The 12 biggest, baddest, boldest software backdoors of all time

These 12 historically insidious backdoors will have you wondering what's in your software -- and who can control it

You want to know who has access to what? Good luck

Access control sounds simple, until you try to tease out rights and permissions for every user in your environment

How to benefit from the identity data explosion

Everyone wants to avoid being the next Target. Brian Milas, CTO at Courion, explains how to use the rich data generated by identity and access control solutions to reduce risk

Target attack shows danger of remotely accessible HVAC systems

Qualys says about 55,000 Internet-connected heating systems, including one at the Sochi Olympic arena, lack adequate security

Book smart, security stupid: Rogue professors flunk Security 101

Two academics betray highly ill-advised security practices when using the university's computer network

EMC's Syncplicity service tightens controls on shared files

Data now can be made unavailable even when it's stored offline, EMC says

Alcatel-Lucent challenges Cisco, Brocade unified access

Alcatel-Lucent offers enterprises free switch upgrade that converges wired Ethernet networks with wireless BYOD management from Aruba

'Jump boxes' improve security, if you set them up right

It's a good idea to set up an ultrasecure computer as a bridge to log on to other PCs, but serious protections must be in place

Cisco patches vulnerabilities in some security appliances, switches, and routers

If left unpatched, the vulnerabilities could enable denial-of-service, command execution, or authentication bypass attacks

Cisco fixes critical remote command execution vulnerability in Secure Access Control Server

The vulnerability could allow remote, unauthenticated attackers to take control of the underlying operating system, the company said

Those 'invisible' servers could open your network to hackers

Slew of vulnerabilities in IPMI standard for disaster-recovery access leaves unpatched implementations at severe risk

Should you create a separate, supersecure network?

A safe deposit box protects your valuables -- so why not shield your critical data in an ultrasecure network? It's not that simple

Why Sun's NIS will never die

Although 28 years old and insecure, Sun's old Network Information Service lives on in networks across the globe

Too many admins spoil your security

Never give users more access rights than needed. If you hand out admin privileges like candy, it'll come back to haunt you

5 hot security defenses that don't deliver

We'd all love to have a magic bullet to stop hackers, but these five defenses won't do the trick, despite what you've been told

What you can do about Chinese APT attacks

Have your defenses been breached by Chinese hackers? If you have attractive intellectual property, it's quite possible. Here's how to detect and defend

Load More