The growth of IT services across the enterprise makes identifying users complex, but three government efforts aim to standardize and simplify access control.
As government pilots work out the details cross-platform authentication, ID systems by Google and Microsoft offer a preview of how they would work.
After a September 2011 data breach, FCC rushed to enhance security, but ignored security management practices and created unnecessary risks in its IT systems, GAO says.
Pen-testing, or red-teaming, can be an indispensable tool for discovering and correcting network security weaknesses, but if not done right, things can go terribly wrong.
NIST proposes a model for maintaining and revoking user identities in an increasingly complex online world.
Cyberattack traffic originating in China took a sharp jump in late 2012, according to the latest analysis of activity on Akamai’s global content delivery network.
The Postal Service has been tapped to build a pilot identity credential hub that would simplify secure access for citizens to online government services.
DNS' openness leaves it vulnerable to a variety of denial of service techniques, from brute-force floods to sophisticated recursive attacks.
Most experts agree that you can't do it all by yourself, but there are practical measures agencies can take to shore up their networks against denial of service attacks.
Treating DOS attacks like a man-made disaster can help agencies determine the proper communication and technical response.
Denial of service attacks on the Domain Name System are becoming common, but an effective defense will require a few rule changes.
Brute-force denial of service attacks against networks are still the most common, but hackers are increasingly moving toward more efficient attacks on applications.