Every two weeks we deliver a curated digest of Identity Management and Cybersecurity News to security leaders, IT professionals, and CISO/CSOs. Based on subscriber feedback, we’ve selected the most popular articles to highlight here.
BitLocker encryption can be defeated with trivial Windows authentication bypass
In its own documentation, Microsoft admits that preboot authentication is “unacceptable in the modern IT world, where users expect their devices to turn on instantly and IT requires PCs to be constantly connected to the network.”
If you use BitLocker encryption, you need to install the latest Windows patch immediately. In this article, Lucian Constantin walks us through the simple authentication bypass a hacker can use to access any data on BitLocker-encrypted drive. Read more >>
What you need to know about Dell’s root certificate security debacle
In addition to stealing information, including log-in credentials, from encrypted traffic, man-in-the-middle attackers can also modify that traffic on the fly. This means someone receiving an email from an affected Dell computer or a website receiving a request on behalf of a Dell user can’t be sure of its authenticity.
An attempt to streamline remote support went horribly wrong and exposed users’ encrypted communications to potential spying. The issue makes corporate users high value targets for Man-in-the-Middle (MitM) attacks, and affects more than just Dell machines. Read more >>
12 Books Every Identity Management Professional Should Read
For those information security professionals trying to push their organization into the modern era of IAM, it can be difficult to know where to start. IT workers, CIOs and CISOs looking for new IAM, Identity Governance Administration (IGA) or Identity Management as a service (IDaaS) solutions need a comprehensive overview in order to correctly plan, assess and deploy the right solutions for their organization.
This was the most-clicked link in our newsletter and includes a great selection of Identity Management books. While there are plenty of IAM downloads and resources online, its hard to match the detail and depth of a good book. How many of these have you read? Read more >>
10 Tips to Avoid an Identity Management Disaster
A newly inked contract may help ease the immediate pressure to get something done, but a failed project doesn’t make good financial sense and could mean you’ll have to make some undesirable career adjustments down the road.
This has been our most popular article on social media. More than half of all IDM projects fail the first time, yet all too often companies quickly select a technology and begin implementation. Don’t end up with an Identity Management disaster on your hands. Read more >>
If you enjoyed these articles, signup to receive the full bi-weekly Identity Management & Cybersecurity digest.
Have an article we should include? Leave it in the comments below.
Photo Credit: EFF Photos