The technique that uses both contextual and historical user information along with data supplied during an internet transaction to assess the probability of whether a user interaction is authentic or not is called risk based authentication. Traditional username and password along with information such as who the user is, from where the user is logging… Continue reading Risk Based Authentication
Category: Risk Management
Security Management Practices
Security Must Haves in a SaaS Provider
The past year was a learning curve on Cloud Computing, especially on SaaS providers. More and more ASPs are coming back rebranded as SaaS provider. As a security practitioner, it would be good to have a must have check list that we need to use to assess them. I prepared the following must have check… Continue reading Security Must Haves in a SaaS Provider
Saas as a Strategy
Should we adopt SaaS as a Strategy? A discussion.
Critical Security Controls
What are the Critical Security Controls per US federal organizations? Important points and thoughts.
Protect Medical Records
Do we trust our medical history with our physicians and hospitals? Such information need to be encrypted or obfuscated.