Browse by Tags

• access technologies
• biometrics
• configuration
• email
• IPsec
• passwords
• protection
• risk mitigation
• security myths
• security policies
• security science
• security theater
• things that make me laugh

Mythbusters beat "unbreakable" fingerprint door lock

My good friend Jamie Sharp sent me this link today. It's amazing: watch how Adam and Jamie easily defeat a fingerprint lock the manufacturer claims has never been broken. As if to snub the claims, they break it three times! Supposedly it monitors pulse, Read More...

Posted 20 September 06 10:15 by Steve Riley | 13 Comments   
Filed under authentication, identity, security theater, things that make me laugh, biometrics

Security myths and passwords

I like this a lot. http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/ In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and Read More...

Posted 30 April 06 09:07 by Steve Riley | 3 Comments   
Filed under authentication, identity, passwords, security myths, security policies

What do YOU need out of two-factor authentication?

Two-factor authentication continues to grow in popularity and emerge as a security requirement for many people I meet with. At Microsoft, we use smartcards internally for VPN access right now; soon we'll be requiring smartcards for domain logon, too. Read More...

Posted 20 April 06 03:37 by Steve Riley | 43 Comments   
Filed under access technologies, authentication, identity, passwords, security policies, biometrics, risk mitigation, email

It's me, and here's my proof: why identity and authentication must remain distinct

My February Security Management column is posted: http://www.microsoft.com/technet/community/columns/secmgmt/sm0206.mspx No matter what kinds of technological or procedural advancements occur, certain principles of computer science will remain -- especially Read More...

Posted 16 February 06 09:41 by Steve Riley | 7 Comments   
Filed under authentication, identity, passwords, security policies, security science, biometrics, risk mitigation

New column -- Using IPsec for network protection

I'm now writing semi-regular articles for TechNet. These are part of the security management series, and they're also linked from the security newsletter. The first column is a two-parter about IPsec. Part 1 describes the technology: how it operates, Read More...

Posted 10 February 05 09:59 by Steve Riley | 6 Comments   
Filed under access technologies, authentication, configuration, identity, protection, IPsec

Search

This Blog

• Home
• About
• Email

Tags

• access control
• access technologies
• Active Directory
• advertising
• authentication
• aviation security
• biometrics
• BitLocker
• blogging
• conferences and seminars
• configuration
• email
• encryption
• false claims
• group policy
• home and family security
• identity
• IPsec
• ISA Server
• malware
• music
• my book
• NAP
• networking
• passwords
• patch management
• physical security
• protection
• public policy
• risk mitigation
• RMS
• security myths
• security policies
• security science
• security theater
• spam
• SSL/HTTPS
• TechEd
• Terminal Server
• the trade press
• things that make me angry
• things that make me laugh
• things that make me worried
• threats
• VPN
• Windows Vista
• wireless

Archives

• June 2008 (2)
• April 2008 (1)
• February 2008 (7)
• January 2008 (1)
• November 2007 (1)
• October 2007 (3)
• September 2007 (5)
• August 2007 (2)
• July 2007 (4)
• May 2007 (2)
• April 2007 (1)
• February 2007 (1)
• January 2007 (3)
• December 2006 (2)
• November 2006 (3)
• October 2006 (2)
• September 2006 (6)
• August 2006 (1)
• July 2006 (3)
• June 2006 (1)
• May 2006 (2)
• April 2006 (2)
• March 2006 (5)
• February 2006 (2)
• January 2006 (3)
• November 2005 (5)
• September 2005 (4)
• August 2005 (2)
• July 2005 (5)
• June 2005 (5)
• April 2005 (3)
• March 2005 (2)
• February 2005 (2)
• January 2005 (1)

Syndication

• RSS 2.0
• Atom 1.0