Collaborate Disseminate
The single sign-on market leader’s Security Center, now generally available, uses Okta Customer Identity Cloud for insights into authentication activity for insights into anomalies, threats and security friction.
The post Okta’s Security Center opens w… Continue reading Okta’s Security Center opens window to customer insights, including threats and friction
The worst of LastPass’s year-long battle with an attacker occurred through a personal device, on a home network, putting BYOD back in the spotlight. And for the past three months, most boards, CIOs, and CISOs I know are taking the opportunity to reeval… Continue reading Lynyrd Skynyrd Answers “Who Should Create an Org’s BYOD Policy?”
Ten years ago, I wrote an essay: "Security in 2020." Well, it’s finally 2020. I think I did pretty well. Here’s what I said back then: There’s really no such thing as security in the abstract. Security can only be defined in relation to somethi… Continue reading Security in 2020: Revisited
Ten years ago, I wrote an essay: "Security in 2020." Well, it’s finally 2020. I think I did pretty well. Here’s what I said back then: There’s really no such thing as security in the abstract. Security can only be defined in relation to something else. You’re secure from something or against something. In the next 10 years, the traditional… Continue reading Security in 2020: Revisited
To comply with California’s new data privacy law, companies that collect information on consumers and users are forced to be more transparent about it. Sometimes the results are creepy. Here’s an article about Ralphs, a California supermarket chain owned by Kroger: …the form proceeds to state that, as part of signing up for a rewards card, Ralphs "may collect" information… Continue reading Customer Tracking at Ralphs Grocery Store
The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that’s not possible, because there is no longer any difference between those categories of devi… Continue reading The Myth of Consumer-Grade Security
The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that’s not possible, because there is no longer any difference between those categories of devices. Consumer devices are critical infrastructure. They affect national security. And it would be foolish to weaken them, even at the request of law… Continue reading The Myth of Consumer-Grade Security
The Norwegian Consumer Council just published an excellent report on the deceptive practices tech companies use to trick people into giving up their privacy. From the executive summary: Facebook and Google have privacy intrusive defaults, where users who want the privacy friendly option have to go through a significantly longer process. They even obscure some of these settings so that… Continue reading Manipulative Social Media Practices
The US Consumer Product Safety Commission is holding hearings on IoT risks: The U.S. Consumer Product Safety Commission (CPSC, Commission, or we) will conduct a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products. The information received from the public hearing will be used to inform future Commission risk… Continue reading Public Hearing on IoT Risks