Posted by:
admin
13 years, 7 months ago
Dark Reading is reporting that Best Buy has suffered a second loss of customer data - e-mail addresses - through another vendor (not Epsilon).
I feel for these email service providers because their situation is complex. They have a lot of customers and users; some users have multiple accounts (they probably work with marketing agencies that manage multiple clients on a single service); their customers and users may not want any additional security.
Fortunately for email marketers at least 2 factor authentication is getting easier and less expensive. You can get started with WiKID for just $240 per year plus hardware/hosting costs. Your expenses would only grow with new users.
The tricky part can be working with agencies that handle multiple accounts. I know of one situation where a user at an agency was compromised, resulting in the loss of data at an email marketing firm for multiple companies.
If your application supports this type of authorization, then great. If not, what do you do? WiKID can help here too. Our use of asymmetric encryption allows the WiKID token to basically perform federation at the token level. This means that the agency power-user can have multiple identities on one token.
It should be abundantly clear that outsourcing services will need to upgrade their security. 2-factor authentication will indubitably be a 'check-box' requirement to be an out-source option for large companies.
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)