Michael Mongold
Michael Mongold's Technology Security

The Case for Hybrid Identity-as-a-Service (IDaaS) Part II

The Case for Hybrid Identity-as-a-Service (IDaaS) Part II

| | access, advanced, Authentication, biometrics, certificate, dilemma, hybrid, IDaaS, identity, management, Michael, Mongold, OTP, Password, security, service, sso, strong, technology
In Part II of a four part series, Michael Mongold, Director of Enterprise Technology for PasswordBank, describes the challenges facing end users as they are faced with more locations where they must authenticate to, while using more (non-Windows) devices to access those locations ... Read More
Michael Mongold's Technology Security
The Case for Hybrid Identity-as-a-Service

The Case for Hybrid Identity-as-a-Service

| | Cloud, ESSO, hybrid, IDaaS, identity, Michael, Mongold, PasswordBank, PCI, Problem, security, solution, sso, web, Web/Tech
Hybrid Identity-as-a-Service (IDaaS) provides a clear path to reducing the dangers associated with cloud-adoption ... Read More
Michael Mongold's Technology Security
Bank accounts hacked for over 1 million dollars

Bank accounts hacked for over 1 million dollars

| | bank, blended threat, British, Command And Control, criminal, Eleonore, Exploit, malicious code, Michael Mongold, money mule, phoenix, sophos, trend micromicro, trojan, Yahoo, zeus v3
Last month, a British bank and its customers were hit by a coordinated and targeted attack by criminals that launched their efforts from Eastern Eu rope. In an impressive display of a blended threat, the crooks created advertising with malicious ... Read More
Michael Mongold's Technology Security
Researchers hack your vehicle (again)

Researchers hack your vehicle (again)

| | Attack, automaker, ECU, Hack, Michael Mongold, Rutgers, TPMS, USENIX, vehicle, Web/Tech
A few months ago, researchers with the University of Washington and UC San Diego released a paper detailing their "Experimental Security Analysis of a Modern Automobile". It presented a dark story where the electronic components of a vehicle, given the ... Read More
Michael Mongold's Technology Security
Intelligence Analyst poking around gets the shaft

Intelligence Analyst poking around gets the shaft

| | 902nd Military Intelligence Battalion, Brian Keith Montgomery, Fort Mead, Intelligence Analyst, Michael Mongold, National Geospatial-Intelligence Agency, NGIA
If you’re going to have security clearance at the National Geospatial-Intelligence Agency, then you should know that anytime you step out of your designated dataset, someone is going to know. That’s why it is hard to believe that Brian Keith ... Read More
Michael Mongold's Technology Security

US Government moves towards OpenID

| | AOL, Chief Information Officer, CIO Council, Department of Interior, E-Authentication, Equifax, Federal Identity Credentialing Committee, Federal Public Key Infrastructure Policy Authority, google, Gov 2.0 Summit, HSPD 12, Michael Mongold, National Institute of Health, O'Reilly, OpenID, Paypal, Technweb, Vivek Kundra, Yahoo
Jason Miller reports for Federal News Radio about the US government’s attempts to consolidate logins and potentially integrate current PIV card holders into a unified authentication and identity repository for accessing government services. It will be interesting to see where ... Read More
Michael Mongold's Technology Security

Implementing Identity Management? What to ask

| | identity management, Michael Mongold
This is a nice primer for those who don’t know where to start when contemplating an identity management solution. As with most things in technology security, knowing the right questions at the beginning and formulating the right policies is 90% ... Read More
Michael Mongold's Technology Security
Legal Hazards of Federated Identity

Legal Hazards of Federated Identity

| | Federated Identity, Federation, Identification Process, identity, liability, Michael Mongold, personal information, Scope of Assertion, Use of Assertion
Beyond the technical complexities of Identity Federation, Thomas Smedinghoff explains what is truly holding back wider-spread adoption of federated identification models. “’Who are you?’ is a fundamental question for all online business activities. Whether a company wants to allow employees, ... Read More
Michael Mongold's Technology Security

The breadth and complexities of identity management

| | Burton Group, CA, Enterprise Strategy Group, entitlement management, Federation, Forrester Research, Gartner, GCN, HSPD 12, IBM, Identity and Privacy Strategies, identity audit, identity management, metadirectories, Michael Mongold, Microsoft, Multi-Factor Authentication, Novell, OpenCard, OpenID, Oracle, password management, Peoplesoft EmpowHR, piv, privileged user, role management, Science Applications International Corp., Shibboleth System, SIAC, single sign on, Sun, User Provisioning, user-centric identity, virtual directories, web access management
From multi-factor authentication to single sign-on to user provisioning: identity management can be an incredibly broad and complex endeavor. In a great article, Drew Robb writing for GCN gives a high level example of why this industry is so nebulous ... Read More
Michael Mongold's Technology Security

Bio-Key wins with FBI

|
After shedding their law enforcement division last month, it looks like Bio-Key's focus on straight biometrics is proving fruitful. From Bio-key: BIO-key Biometric Technology Selected as Part of the Next Generation FBI AFIS System “FBI Next Generation Identification Automated Finger ... Read More
Michael Mongold's Technology Security