Categories
Supply chain risk Best practices

The Anti-Checklist Manifesto: Spreadsheets and 3PR

Note: I spoke on this topic in September, 2021 at 44CON and you can watch the video here.

Categories
Authentication Access control Supply chain risk Best practices

Zero Factor Authentication

Are you asking the right questions to determine how well your vendors will protect your data?

Categories
Authentication Access control Sso Best practices

Stop Rotating Your Passwords

I’ve been arguing for years that we in information security aren’t doing anyone any favors when we demand that people use for passwords something impossible to remember, then we demand that they remember it, and then we insist that, for God’s sake, they never write it down.