261 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Backyard SSO Hero
Mon, Oct 20th 2014 15
How to Make an Authentication Cocktail
Fri, Oct 17th 2014 12
Breach Fatigue: Don’t Be a Victim
Tue, Oct 7th 2014 19
UPS Hacked!
Wed, Sep 17th 2014 9
The IT Professional vs. The Deadly Data Breach
Mon, Sep 15th 2014 9
You Have a Case of Identity Theft!
Mon, Aug 25th 2014 12
PayPal for Mobile: How Secure is Your PayPal Account?
Mon, Jul 21st 2014 210
Top 10
PayPal for Mobile: How Secure is Your PayPal Account?
Mon, Jul 21st 2014 210
Breach Fatigue: Don’t Be a Victim
Tue, Oct 7th 2014 19
From Hacktivist to Cybersleuth
Fri, Jun 20th 2014 17
Backyard SSO Hero
Mon, Oct 20th 2014 15
Press Release: Get the Level of Identity Management Your Campus NEEDS for Office 365
Fri, Jun 27th 2014 12
You Have a Case of Identity Theft!
Mon, Aug 25th 2014 12
How to Make an Authentication Cocktail
Fri, Oct 17th 2014 12
Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 11
Violated Database: Montana Department of Public Health and Human Services
Wed, Jul 16th 2014 9
The IT Professional vs. The Deadly Data Breach
Mon, Sep 15th 2014 9


Kimberly Johnson
Blog Title PistolStar's Authentication Blog
Blog Description Usability. Security. Auditing. Compliance.
Blog URL http://blog.pistolstar.us/blog
RSS Feed http://blog.pistolstar.us/blog/?feed=rss
Validate Feed feedvalidator.org or validator.w3.org
Feed Last Checked Jan 26, 2015 5:40:01 PM EST. Realtime Update:
Location Amherst, NH, USA


Recent Blog Posts
15
Backyard SSO Hero
Mon, Oct 20th 2014 8:13a   Larry Conroy
So, my neighbor, Penny, peaks her head over the fence and asks me what I think about this SSO stuff.  What makes her think I even want to chat in the first place . . . the game is on and I’m stuck out here?  Can’t she see all these leaves taunting me because the leaf blower won’t start?  A more appropriate discourse would have been something like, “Hey, my kids are looking for something to do. Can they rake your leaves for you?” But never the less, as I reluctantly get off my knees
12
How to Make an Authentication Cocktail
Fri, Oct 17th 2014 7:12a   Rob Bellefeuille
Who doesn’t enjoy a good cocktail? James Bond liked his “shaken, not stirred” and most like them “on the rocks.” All this talk of cocktails is making me thirsty! However, today we are not here to talk about drinking a delicious drink; we are here to talk about an authentication cocktail. What is an “authentication cocktail?” An authentication cocktail is the pairing of two separate two-factor authentication (2FA) one-time password (OTP) delivery methods to make a full-bodied authen
19
Breach Fatigue: Don’t Be a Victim
Tue, Oct 7th 2014 2:11p   Amber Ciarcia
In recent weeks, the largest bank in the United States, JP Morgan Chase & Co., has fallen victim to cybercriminals. Last Thursday, JP Morgan unveiled that hackers obtained stolen information from their customers.  This included personal information such as names, addresses, phone numbers, and e-mail addresses from over 76 million households and 7 million small businesses. Scary, right? One would think. According to a recent article from The Washington Post “Data breach fatigue follows two
9
UPS Hacked!
Wed, Sep 17th 2014 7:12a   Liana Lichtenwalner
“It was the best of times, it was the worst of times.” This famous quote from Charles Dickens’ classic novel, A Tale of Two Cities, gives insight into how two forces, like good and evil, are equal rivals contending for survival. The same goes for the world of cyber security. We have a world of information, convenience, and entertainment at our fingertips, and yet, in that world, there are dangers and possibilities to have valuable information stolen. In Alex Roger’s time.com article,
9
The IT Professional vs. The Deadly Data Breach
Mon, Sep 15th 2014 8:12a   Liana Lichtenwalner
The Deadly Data Breach We know it well, the Deadly Data Breach! So many people have felt the effects of a data breach, and so many companies are scrambling to protect the personal information they have on file. I am sure data breaches are on the minds of every IT professional that has kept up with the most recent breaches. No one goes unscathed by The Deadly Breach: P.F. Changs, Goodwill, Home Depot, and numerous schools. Home Depot’s recent data breach reaches all the way back to April first
12
You Have a Case of Identity Theft!
Mon, Aug 25th 2014 10:11a   Liana Lichtenwalner
It’s the hot topic in the news, blogs, books, and more, identity theft and security! We are all susceptible to identity theft from the individual user to the largest corporation. Author Steve Weisman has been speaking on Identity Security for years, including his blog Scamicide and in his books The Truth About Avoiding Scams and Identity Theft Alert: 10 Rules You Must Follow. The most recent breach, the Community Heath System, is one that Weisman covers in his blog entry Community Health Sys
210
PayPal for Mobile: How Secure is Your PayPal Account?
Mon, Jul 21st 2014 4:12p   Liana Lichtenwalner
How secure is PayPal? Secure until you start using your mobile device. According to Kelly Higgin’s article, PayPal Two-Factor Authentication Broken, Dan Saltman, an independent researcher, “reported to PayPal that he had discovered a way to bypass two-factor authentication in Apple iOS, but after getting no response from PayPal, Saltman in April went to friends at mobile security firm Duo Security.” From there, Duo Security confirmed Saltman’s finding and helped him reach PayPal. Duo Sec
2
More Compromised Students and Faculty
Thu, Jul 17th 2014 7:12a   Liana Lichtenwalner
Recently, there was yet another security breach at a college campus. This time the victim was Butler University, where a hacker accessed over 160,000 records for current, past students and faculty. The information stolen was the typical pertinent information that is stolen in this type of breach. Names, Social Security numbers, date of birth, and bank account information. The announcement of this breach comes due to an identity theft investigation that came from California law enforcement. The p
9
Violated Database: Montana Department of Public Health and Human Services
Wed, Jul 16th 2014 2:11p   Liana Lichtenwalner
Your car has been broken into, yet nothing was stolen. Nothing was stolen, so no big deal, right? WRONG! You would still feel violated, creeped out, and concerned about it happening again. The Montana Health Department has experienced a similar data breach. On May 15th, Montana’s Department of Public Health and Human Services (DPHHS) officials noticed out of the ordinary activity. After further investigation, DPHHS confirmed that a server had been breached by hackers, and according to Alison
7
Young Hacker Infiltrates High School Database
Wed, Jul 2nd 2014 11:12a   Liana Lichtenwalner
We live in a world with multiple cyber threats, many coming from alias names from countries we have never been to. Within the United States, we have our fair share of hackers that cause major problems and confiscate sensitive data. It is sad and eye opening when it happens on the high school level. Recently, a 16-year-old boy gained access to a school database that held personal information like grades and attendance. By gaining access to this database, the student was able to change multiple
12
Press Release: Get the Level of Identity Management Your Campus NEEDS for Office 365
Fri, Jun 27th 2014 4:11p   Liana Lichtenwalner
BEDFORD, NH– (Marketwire – June 25, 2014) – Today, PistolStar, Inc. announced the integration of its PortalGuard product with Office 365. This integration will give administrators the power to choose the level of convenience and security they desire for their students and faculty while accessing Office 365, including: -Self Service Password Reset (SSPR) -Single Sign-on (SSO) -Two-factor Authentication With PortalGuard integrated with Office 365, schools now get the level of ide
17
From Hacktivist to Cybersleuth
Fri, Jun 20th 2014 8:11a   Liana Lichtenwalner
It’s just like something from out of the movies: criminal mastermind gets caught, turns from his wicked ways, and eventual unveils a piece of the criminal mastermind world to help out the good guys. There is something intriguing in being able to see into the criminal mastermind and get a behind the scenes look at the secret life of these hacktivist. In the hacktivists’ world, there is a network of secret groups and ominous aliases that threaten to breach and expose a multitude of private and
3
Press Release: Strengthening Web Authentication, Without Overcorrecting
Thu, Jun 5th 2014 3:11p   Liana Lichtenwalner
CLICK to View Video BEDFORD, NH–(Marketwired – Jun 3, 2014) – Today, PistolStar, Inc. announced immediate availability of PortalGuard’s newest solution, PassiveKey. PortalGuard’s PassiveKey is a customer driven response to deliver the latest in innovative identity solutions. PassiveKey transparently enables two-factor authentication while allowing the user to login with the familiar username/password approach. This simultaneously strengthens authentication and elimi
1
Honesty is the Best Policy: Passwords, IT Security Professionals, and Llamas!
Tue, Jun 3rd 2014 8:14a   Liana Lichtenwalner
Well, the truth is that many organizations are just not enforcing the basics of Password Best Policies (PBP), never mind investing and enforcing stronger identity security. With much emphasis on ROI, the truth is IT Security Professionals make the dangerous decision to purchase the minimal authentication solution just to have “something” in place. And the truth about Llamas is never tick-off a Llama; they spit when provoked or threatened! Passwords are precious things and have lost their i
4
Google Removes Ad Scanning for Education Apps in Education for Good
Tue, May 6th 2014 12:11p   Rob Bellefeuille
Recently, Google made an announcement via their blog stating they will be permanently removing any form of ad scanning for applications associated with education users. Google was quick to point out that they never intended to collect data in education based Apps, and in the past, an Admin on campus would have had to enable the ad scanning. However, even if the admin had enabled ad scan, it will no longer be enabled within their environment. To give you a brief overview of the ad scan, it is a b
2
Alarmingly Low Rate of Employees Receive Security Awareness Training
Wed, Apr 23rd 2014 11:11a   Rob Bellefeuille
With the state of the economy, it is not too shocking that only 43% of employees receive security awareness training. Many companies have been faced with reducing their workforce and running “leaner and meaner,” thus devoting all hours of the workday to improving the companies bottom-line. It is hard to believe that such an important element has gone the way of the Dodo bird. One would think that more time would be dedicated to security training given the recent and highly publicized securit
2
How to Mend a Broken Heart: The Heartbleed Bug and what you need to know to protect yourself
Fri, Apr 11th 2014 9:12a   Rob Bellefeuille
The news broke this week that the Heartbleed Bug had attacked an undetermined amount of websites and their users worldwide. At this time it would seem that a large number of people are affected, however, the magnitude of this Bug may not be made clear for some time. Last year, the Adobe breach  numbers grew drastically as time moved forward. So what is the Heartbleed Bug? The researchers who uncovered the problem describe the Bug as a serious flaw within OpenSSL. “The Heartbleed Bug is a seri
3
Are You Only a Hacktivists Away from Chaos?
Wed, Apr 2nd 2014 2:11p   Liana Lichtenwalner
Data security is a hot topic right now with Target, Michaels, and other large companies reporting data breaches. After all the time, money, and publicity from the breaches, I am sure they wish they could turn back time and deploy a stronger authentication to guard against the black market hacktivists that caused the chaos. In Cameron Shilling’s article “Is Your Business a Data Breach Away from Disaster?,” Shilling states, “data security breaches are not just perpetrated by Internet hac
1
Ransomed Beauty: Is Your Identity Being Held for Ransom?
Thu, Mar 27th 2014 4:11p   Liana Lichtenwalner
As a woman, I know all too well how much time and money we spend on beauty supplies. Whether buying the “next best thing” in the cosmetic department or trying the newest home remedy from your favorite blog, it all requires you to spend some cash or use a credit/debit card. But how much are you willing to pay: ten, twenty, fifty dollars? What about your identity? With the growing number of businesses reporting breaches in their databases, it is no surprise that Sally Beauty became a target to
4
Two More Colleges Exposed: Indiana University and North Dakota University
Fri, Mar 7th 2014 2:12p   Rob Bellefeuille
There seems to be a rise lately in the number of campuses that are being subject to data breaches. Today it was brought to light that North Dakota University’s database was compromised exposing around 300K current and former student’s information along with some of their staff as well. Last week, Indiana University informed nearly 146,000 recent graduates and students that their seven-campus data system had accidentally exposed. This news comes on the heels of the recent University of Maryla
2
Price vs Cost: One Man’s Opinion
Mon, Mar 3rd 2014 3:14p   Rob Bellefeuille
With the economic state of the country, you always hear folks talking about the price of an item or how much it cost them. Being in the security industry and a home owner, I can identify with the struggles that come with sticking to a budget and finding a solution. However, with security it can truly be a gamble that all too often plays out in a negative way. One comparison we threw around a lot here in the office is a home security system. You constantly see on the news or hear from others sto
2
Hackstorm
Wed, Feb 26th 2014 10:15a   Liana Lichtenwalner
Hailstorms are a threatening phenomenon that can sometimes turn fatal. Hailstones can range from a ¼ of an inch to 7 inches in size, causing severe damage to anything in their path. Attacking hackers, in many ways, are like hailstorms when there is a breach in security, leaving extensive damage. Lately, Cyber security has been on the minds of many people, and with many security breaches at major companies placing personal data at risk, it is no wonder. A recent study done by the Ponemon Insti
11
Data Breach on Campus: Over 300,000 Exposed at University of Maryland
Fri, Feb 21st 2014 12:14p   Rob Bellefeuille
This week the University of Maryland came forth with an announcement that their campus data base had been breached, exposing sensitive information for over 300,000 students and faculty.  The data breach comes on the heels of many other similar data breaches at retailers across the US including Target, Neaman Marcus, and Michaels Craft Stores. According to a letter from University of Maryland President, Wallace D. Loh on February 19, 2014; “A specific database of records maintained by our IT D
3
Government Surveillance, Time to Reform?
Mon, Feb 17th 2014 11:11a   Chief Content Writer
There has been a recent push back against the government claiming that they are impeding on the privacy rights of users. Eight companies, including AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo, co-authored a letter to President Obama stating their concerns. In this letter, the major companies broached the issue of the global interference with users’ internet accounts and discussed the fact that governments do indeed need to protect their citizens but not at the cost of
1
To E-File or Not to E-File
Mon, Feb 10th 2014 1:11p   Liana Lichtenwalner
While Shakespeare is better known as an excellent playwright, vivacious actor, and sublime constructor of the English language, he also has a not-so-well-known, historical record for tax evasion, hoarding, and the selling of grain at atrocious prices during years of famine. Although we are not here to discuss the moral ethics of Shakespeare, we should ask ourselves “to e-file or not to e-file.”  As the season for filing your taxes approaches and with many already waiting for their returns,
4
Bugged- A Glitch in Google Voice Recognition
Fri, Jan 31st 2014 9:11a   Liana Lichtenwalner
Bugged and tapped conversations have been used throughout history by all kinds of people from allies to enemies, heroes to villains, and detectives to outlaws. History would tell quite a different story if bugged conversations did not exist, but what about your own conversations? Could your computer microphone be the bug in your home or office? Unauthorized sites could be using a glitch in Google Chrome’s voice command to record your private conversations right from your own computer, compromi
3
World’s Largest Beverage Company Compromised
Thu, Jan 30th 2014 12:11p   Rob Bellefeuille
The importance of encrypting data has become more prevalent with recent data breeches at retail stores and social networking sites. The latest company to join the list of offenders or victims, depending on how you look at it, is Coca-Cola. Last week the Wall Street Journal (WSJ) reported that Coca-Cola had exposed a security breech from within their own company, compromising the personal information of about 74,000 North American employees and contractors. The breech was due to a few laptops bei




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition