Month: June 2011

FFIEC Updates Their Guidance. And The Winner Is…

In my last post, I mentioned that the FFIEC was preparing an update to their 2005 guidance on internet banking authentication. Well, that update is out, and Anil John couldn’t wait to let me know about it (:)). The update, entitled ‘Supplement to Authentication in an Internet Banking Environment’, recognizes both the growth in online

So What Does Constitute “Reasonable” Security?

A couple of weeks ago, I tweeted about what I called a must-read article by Brian Krebs. Fellow identirati Anil John lamented yesterday that we hadn’t discussed this more in the community, and on second glance I can see why. The article covers a court case where the magistrate was basically asked to decide what

The Difference between Twitter as Utility and Twitter as IdP

The buzz, and confusion, around the Twitter-iOS integration is incredible, especially among the identirati. It’s created some very interesting Twitter discussions, and some huge claims about what this means for Twitter, Apple and the social landscape in general. I’ve now seen a number of articles that equated the WWDC announcement as confirming that “Twitter is

Quick Thoughts on the Twitter-iOS Integration

One of the big announcements at yesterday’s WWDC conference was the integration of Twitter into iOS 5 (those screenshots are nice!). Twitter fanatics are going gaga about this, talking about how this is a game-changer and even conjecturing on what the apparent Facebook snub means. However, what I want to know is – what does

Deploy Multi-Layered Security to Combat Insider Threats

Insider threats are back in the news in a big way. Bank of America revealed that an employee allegedly leaked a lot of accountholder information to a ring of criminals, which led to account hijacking and check fraud. And the goal of the RSA breach seemed to be emerging rather scarily with news of what