Some cloud providers struggle to meet requirements such as multi-factor authentication, FIPS 140-2 compliance and providing a complete boundary definition, GSA's Kathy Conrad says.
The growing use of remote devices to access government resources spurs NIST to revise its guide on how to select the right authentication technology for groups of users.
Paraben's Device Seizure 6 can break passwords, track where a phone has been and map the complete file system, including deleted data.
NIST's updated catalog of security controls addresses new threats and lets agencies adapt baseline controls to meet their specific needs.
The growth of IT services across the enterprise makes identifying users complex, but three government efforts aim to standardize and simplify access control.
As government pilots work out the details cross-platform authentication, ID systems by Google and Microsoft offer a preview of how they would work.
After a September 2011 data breach, FCC rushed to enhance security, but ignored security management practices and created unnecessary risks in its IT systems, GAO says.
Pen-testing, or red-teaming, can be an indispensable tool for discovering and correcting network security weaknesses, but if not done right, things can go terribly wrong.
NIST proposes a model for maintaining and revoking user identities in an increasingly complex online world.
Cyberattack traffic originating in China took a sharp jump in late 2012, according to the latest analysis of activity on Akamai’s global content delivery network.
The Postal Service has been tapped to build a pilot identity credential hub that would simplify secure access for citizens to online government services.
DNS' openness leaves it vulnerable to a variety of denial of service techniques, from brute-force floods to sophisticated recursive attacks.