Research describing a more successful attack on the new Secure Hash Algorithm will be published later this month, but SHA-3 remains much more powerful than the best attacks yet discovered.
The company has added NIST-certified encryption to its USB and module bay self-encrypting drives.
Testing by NSS Labs shows that not only do antivirus products miss known exploits, they often are blind to the same ones, opening windows of opportunity for attackers -- particularly against legacy agency systems.
The group has brought the Trusted Platform Module in line with government requirements, but security standards must keep pace with mobile computing and rapidly changing threat environments.
The explosive growth in information generated by security tools is putting a premium on the ability to analyze large volumes of data, say experts, who also call for active defense.
An incomplete transition to a new IT security framework has left weaknesses in some systems holding sensitive census information, according to a GAO report.
Mobile devices can be a risk to secure environments. A CACI exec says one approach to security has been to alter the hardware of Apple iPads.
Project would use public-private partnerships to create easier, more secure authentication that would support online government services and commercial transactions.
After 16 years of plans, strategies and regulation, federal IT security is one of 30 program areas designated by government auditors as high risk.
Security is a natural concern for agencies building mobile applications. Here are a few important points to keep in mind.
The Fast Identity Online Alliance will release a protocol to make secure log-in more user friendly, making it easy to replace passwords with stronger authentication.
Some cloud providers struggle to meet requirements such as multi-factor authentication, FIPS 140-2 compliance and providing a complete boundary definition, GSA's Kathy Conrad says.