If employees use their same password at work and in their personal lives, another company's breach may weaken your own security. Five steps to mitigate the risk.
Home
elcome to the ISSA Connecticut! The Connecticut ISSA chapteris a leading movement devoted to improving information security. Through its membership, ISSA CT helps security professionals learn of information security issues and trends, which promote education, dialog, and leadership. Network. Collaborate. Learn. Excel at the all new ISSA Connectportal. Join us at our own ISSA Connect-icut community (members only).
With the rapid growth of mobile internet and smart phones, security short comings of mobile software and mobile data communication have shifted the focus on strong authentication.The existing user-id/password methodology, while tolerable for desktop/laptop, is inadequate for mobile use due to difficulty of data entry on a small form factor device and higher risk of the device getting in the hands of unauthorized users.While usage scenarios for both physical and logical access in health industry are at play, the current demand is dominated by logical access needs of many industries such as healthcare, financial services and enterprise content access applications.Existing solutions for strong authentication involve the usage of different tokens such as "RSA tokens", specialized hardware or software that generates an authentication code at fixed intervals.However, these are vulnerable to theft or physical loss of the device. The biggest drawback is that these token-based strong authentication methods don’t provide the non-reputability which is important in many enterprise applications.Often a single modality biometric authentication suffers from accuracy, universal coverage and robustness issues (e.g., due to noisy environment, changes in speaker's voice).Unacceptable rate of false accepts and false rejects lead to lack of trust and/or usability challenges to the end user. The combination of different unique biometrics signatures generated through multiple information/sensor channels available in a Smartphone can reduce the false accept/false reject rates significantly and thus address fraudulent use.In addition, his combination offers a great potential to design flexible and easy to use authentication flows from the usability perspective. he proposed Multi-factor biometric authentication solution will extend the existing mobile authentication solutions to a trusted strong authentication solution that would be seamless and continuous, thus achieving maximum security and at the same time a high level of usability and efficiency.
15:00 – 16:00Access GovernanceDan Peterson
Access Governance: One Company’s Story
Join us as we explore one enterprise's successful implementation of an Access Governance solution.Starting with a process that required 5 full-time people over 36 weeks (with poor results), they were able to successfully move to a 9-week cycle requiring only 1.5 people, with stellar results.In addition to explaining the project, the presenter will also provide a product demonstration, showing some of the scenarios put in place by this customer.
