Search This Blog

Tuesday, April 28, 2009

Guide to enterprise password management drafted

NIST needs your comments on password-management guide
Network World logo

Security Strategies Alert

NetworkWorld.com | Security Research Center | Update Your Profile


Sponsored by Alcatel-Lucent
rule

Cure Laptop Insecurity
Of course laptops feel insecure. They work with... you. But armed with Alcatel Lucent's OmniAccess 3500 Nonstop Laptop Guardian, they don't have to be afraid of becoming a victim - being lost, stolen or violated - anymore. Lock your laptops remotely, deliver patches and update overnight, and more. Visit

rule

Spotlight Story
Guide to enterprise password management drafted

M. E. Kabay By M. E. Kabay
I hate passwords. I think passwords are a dreadful way of authenticating identity: they cost a lot, they change too often (and so users write them down), the rules for preventing dictionary and brute-force attacks are generally easy for users to circumvent, there are too many of them (and so users write them... oh never mind), and nothing can stop users from writing them down (and sticking them in their wallets, under their keyboards, behind their screens, in their desk drawers...). And yet we constantly hear non-technical managers resisting smart-token-based authentication or proximity cards because they are supposedly too expensive. Read full story

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.

Related News:

Editor's note: We will be changing how we send out Network World newsletters over the next few weeks. To ensure future delivery of your newsletters, please add nww_newsletters@newsletters.networkworld.com to your e-mail address book or 66.186.127.216 to your white-list file. Thank you.

Seven burning security questions There's no shortage of burning questions about IT security these days, some sparked by nasty threats, others by economic concerns and some by growing use of social networking and cloud computing.
Read more:
Can you no longer avoid closely monitoring employees?
Should you choose a strategic security vendor or shoot for best-in-breed?
Can security processes finally be automated?
How scared should you be about security statistics?
Are security issues delaying adoption of cloud computing?
Is mobile computing the Achilles' heel in your organization?
How can you handle risks that come with social networking?

Password management: Facing the problem In my last two columns, I've been looking at the pervasive problems we have in the security field in overcoming natural human tendencies to misjudge risk. In particular, I've pointed out that the well-known and ...

Why passwords are pass I have long argued that passwords are a terrible way of authenticating identity.

The way we frame risks influences perception In my previous column, I introduced the issue of the frustrating tendency of normal computer or network users to choose bad passwords (among other irritating habits) and pointed to a study showing that at least a third ...

How not to manage lost passwords I am writing to you formally in your capacity as CEO of Metaphoronic Corp., makers of the bioport that I had installed in my lower spinal column last year for direct neural connectivity to my Windows 2010 operating ...

Hidden costs of passwords Many users who focus on their individual experience and needs rather than on corporate security management think that passwords are free. Indeed, password functions come with our operating systems and much of our ...

April giveaways galore
Cisco Subnet
and Microsoft Subnet are giving away training courses from Global Knowledge, valued at $2,995 and $3,495, and have copies of three hot books up for grabs: CCVP CIPT2 Quick Reference by Anthony Sequeira, Microsoft Voice Unified Communications by Joe Schurman and Microsoft Office 2007 On Demand by Steve Johnson. Deadline for entries April 30.

Network World on Twitter Get our tweets and stay plugged in to networking news.


Evolution of Ethernet
Evolution of Ethernet From 3Mbps over shared coax to 40/100Gbps over fiber…and beyond.

Apple iPhoneys: The 4G edition
Apple iPhoneys: The 4G editioniPhone enthusiasts from around the Web offer their visions for the next-gen iPhone.

Sponsored by Alcatel-Lucent
rule

Cure Laptop Insecurity
Of course laptops feel insecure. They work with... you. But armed with Alcatel Lucent's OmniAccess 3500 Nonstop Laptop Guardian, they don't have to be afraid of becoming a victim - being lost, stolen or violated - anymore. Lock your laptops remotely, deliver patches and update overnight, and more. Visit

rule

Cut Campus Network TCO by 50%.
Learn how to reduce your campus networks' TCO by up to 50% without compromising high performance, security or reliability. Juniper Networks shows you how to achieve unparalleled consistency, flexibility and efficiency for the lowest possible TCO.
Click here to register for this Live April 30 Webcast.


Metzler: 2009 Handbook of Application Delivery
Successful IT organizations must know how to make the right application delivery decisions in these tough economic times. This handbook authored by WAN expert Jim Metzler will help guide you.
Download now

 

04/28/09

Today's most-read stories:

  1. Some IT skills see pay hikes during downturn
  2. Seven burning security questions
  3. The downfall of Sun
  4. The legal risks of ethical hacking
  5. Conficker.E to self-destruct on May 5th?
  6. Researchers show how to take control of Windows 7
  7. Einstein systems to inspect U.S. government's Internet traffic
  8. The evolution of Ethernet
  9. The biggest losers in the Oracle, Sun deal
  10. Intel CPU cache poisoning: dangerously easy on Linux
  11. Notebook replaces trackpad with LCD panel


Network World on Twitter: Get our tweets and stay plugged in to networking news


DNS news and tips
DNS is not secure and is extremely vulnerable. DNS is at the core of every connection we make on the Internet. While some servers are indeed vulnerable, because of inadequate management or knowledge, the real threat is from the protocol itself and how data is easily subverted or faked as it moves around the internet.
Receive the latest DNS news and tips



IT Buyers guide

 


This email was sent to security.world@gmail.com

Complimentary Subscriptions Available
for newsletter subscribers. Receive 50 issues
of Network World Magazines, in print or
electronic format, free of charge, Apply here.

Terms of Service/Privacy

 

Subscription Services Update your profile
To subscribe or unsubscribe to any Network
World newsletter, change your e-mail
address or contact us, click here.

Unsubscribe

Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701
Copyright Network World, Inc., 2009

www.networkworld.com

 

 



1 comment:

Anonymous said...

Mу brotheг recοmmended I might like this blog.
He wаѕ totallу rіght.
This post tгuly mаԁe my daу.
You can not imаginе just hoω much timе I had spent foг
this info! Thanks!

Herе iѕ my webpаge :: payday loans