Browse by Tags

• authentication
• biometrics
• configuration
• email
• identity
• NAP
• passwords
• protection
• security policies
• security science
• threats
• wireless

Did you know that you ALREADY have an e-mail policy?

An email access policy can be expressed in one of two ways: E-mail is mission critical to our business. Therefore, we permit employees to read and compose e-mail from any location in the world where employees can access the Internet, using either company-issued Read More...

Posted 10 September 06 05:34 by Steve Riley | 7 Comments   
Filed under access technologies, protection, security policies, risk mitigation, email

Configure your router to block DOS attempts

Some time ago I had a discussion with a friend. He disagreed with my recommendations on how to configure a border router and the firewall behind it. I claimed that in the border router between you and your ISP, configure the six rules to block most denial Read More...

Posted 10 July 06 01:27 by Steve Riley | 13 Comments   
Filed under access technologies, configuration, protection, security policies, threats, risk mitigation

What do YOU need out of two-factor authentication?

Two-factor authentication continues to grow in popularity and emerge as a security requirement for many people I meet with. At Microsoft, we use smartcards internally for VPN access right now; soon we'll be requiring smartcards for domain logon, too. Read More...

Posted 20 April 06 03:37 by Steve Riley | 43 Comments   
Filed under access technologies, authentication, identity, passwords, security policies, biometrics, risk mitigation, email

August article: 802.1X on wired networks considered harmful

Several months ago I learned from Svyatoslav Pidgorny, Microsoft MVP for security, about a problem in 802.1X that makes it essentially useless for protecting wired networks from rogue machines. Initially I was a bit skeptical, but the attack he described Read More...

Posted 11 August 05 10:55 by Steve Riley | 16 Comments   
Filed under access technologies, authentication, protection, security science, threats, NAP, wireless, risk mitigation

Search

This Blog

• Home
• About
• Email

Tags

• access control
• access technologies
• Active Directory
• advertising
• authentication
• aviation security
• biometrics
• BitLocker
• blogging
• conferences and seminars
• configuration
• email
• encryption
• false claims
• group policy
• home and family security
• identity
• IPsec
• ISA Server
• malware
• music
• my book
• NAP
• networking
• passwords
• patch management
• physical security
• protection
• public policy
• risk mitigation
• RMS
• security myths
• security policies
• security science
• security theater
• spam
• SSL/HTTPS
• TechEd
• Terminal Server
• the trade press
• things that make me angry
• things that make me laugh
• things that make me worried
• threats
• VPN
• Windows Vista
• wireless

Archives

• June 2008 (2)
• April 2008 (1)
• February 2008 (7)
• January 2008 (1)
• November 2007 (1)
• October 2007 (3)
• September 2007 (5)
• August 2007 (2)
• July 2007 (4)
• May 2007 (2)
• April 2007 (1)
• February 2007 (1)
• January 2007 (3)
• December 2006 (2)
• November 2006 (3)
• October 2006 (2)
• September 2006 (6)
• August 2006 (1)
• July 2006 (3)
• June 2006 (1)
• May 2006 (2)
• April 2006 (2)
• March 2006 (5)
• February 2006 (2)
• January 2006 (3)
• November 2005 (5)
• September 2005 (4)
• August 2005 (2)
• July 2005 (5)
• June 2005 (5)
• April 2005 (3)
• March 2005 (2)
• February 2005 (2)
• January 2005 (1)

Syndication

• RSS 2.0
• Atom 1.0