Browse by Tags

• biometrics
• configuration
• email
• identity
• IPsec
• NAP
• passwords
• protection
• risk mitigation
• security policies
• security science
• threats
• wireless

What do YOU need out of two-factor authentication?

Two-factor authentication continues to grow in popularity and emerge as a security requirement for many people I meet with. At Microsoft, we use smartcards internally for VPN access right now; soon we'll be requiring smartcards for domain logon, too. Read More...

Posted 20 April 06 03:37 by Steve Riley | 43 Comments   
Filed under authentication, email, identity, risk mitigation, security policies, passwords, biometrics, access technologies

How to secure your wireless network

I'm now a contributing editor for TechNet Magazine . Everyone with a TechNet subscription automatically receives it; if you don't have one, you can still get the magazine free . The magazine's published three issues so far: Winter 2005 , Spring 2005 , Read More...

Posted 11 November 05 11:43 by Steve Riley | 3 Comments   
Filed under authentication, protection, threats, wireless, access technologies

August article: 802.1X on wired networks considered harmful

Several months ago I learned from Svyatoslav Pidgorny, Microsoft MVP for security, about a problem in 802.1X that makes it essentially useless for protecting wired networks from rogue machines. Initially I was a bit skeptical, but the attack he described Read More...

Posted 11 August 05 10:55 by Steve Riley | 16 Comments   
Filed under NAP, authentication, protection, risk mitigation, security science, threats, wireless, access technologies

New column -- Using IPsec for network protection

I'm now writing semi-regular articles for TechNet. These are part of the security management series, and they're also linked from the security newsletter. The first column is a two-parter about IPsec. Part 1 describes the technology: how it operates, Read More...

Posted 10 February 05 09:59 by Steve Riley | 6 Comments   
Filed under authentication, configuration, identity, protection, IPsec, access technologies

Search

This Blog

• Home
• About
• Email

Tags

• access control
• access technologies
• Active Directory
• advertising
• authentication
• aviation security
• biometrics
• BitLocker
• blogging
• conferences and seminars
• configuration
• email
• encryption
• false claims
• group policy
• home and family security
• identity
• IPsec
• ISA Server
• malware
• music
• my book
• NAP
• networking
• passwords
• patch management
• physical security
• protection
• public policy
• risk mitigation
• RMS
• security myths
• security policies
• security science
• security theater
• spam
• SSL/HTTPS
• TechEd
• Terminal Server
• the trade press
• things that make me angry
• things that make me laugh
• things that make me worried
• threats
• VPN
• Windows Vista
• wireless

Archives

• June 2008 (2)
• April 2008 (1)
• February 2008 (7)
• January 2008 (1)
• November 2007 (1)
• October 2007 (3)
• September 2007 (5)
• August 2007 (2)
• July 2007 (4)
• May 2007 (2)
• April 2007 (1)
• February 2007 (1)
• January 2007 (3)
• December 2006 (2)
• November 2006 (3)
• October 2006 (2)
• September 2006 (6)
• August 2006 (1)
• July 2006 (3)
• June 2006 (1)
• May 2006 (2)
• April 2006 (2)
• March 2006 (5)
• February 2006 (2)
• January 2006 (3)
• November 2005 (5)
• September 2005 (4)
• August 2005 (2)
• July 2005 (5)
• June 2005 (5)
• April 2005 (3)
• March 2005 (2)
• February 2005 (2)
• January 2005 (1)

Syndication

• RSS 2.0
• Atom 1.0