Skip to main content

The WiKID Blog

Viewing posts tagged pci

Updated OpenVPN & Two-factor authentication tutorial

We recently updated the tutorial on how to add two-factor authentication to OpenVPN AS over on HowToForge.   It's quite easy.

PCI compliance in the local news

The Atlanta-area transit authority was forced to accept only cash due to software errors it blamed on their efforts to meet PCI compliance.

ViTM - The Vendor in the Middle

Enterprise security architects are traditionally very wary of systems that rely on 3rd parties for access, uptime or security. Ironically, many of these same architects deployed RSA SecurID systems not considering (or heavily discounting) the fact that RSA kept copies of the seeds for licensing purposes.

PCI news & updates

According to this article on InformationWeek:

Security Missteps Made in the Name of Compliance

In the Five Security Missteps made in the Name of Compliance, Bill Brenner lists "How to Botch Multi-factor Authentication" first.  The point is that if you open holes for users that have forgotten their hardware tokens, you have circumvented your own security, eliminating the value of two-factor authentication.

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom