Security firm UpGuard found that a misconfigured Amazon S3 bucket belonging to the Democratic Senatorial Campaign Committee left the email addresses of more than 6 million U.S. citizens exposed to the internet. The bucket has since been secured.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
DirectTrust's new effort to develop a standard for instant messaging in healthcare could potentially help providers securely communicate in real time over multiple platforms, says Scott Stuewe, the nonprofit alliance's president and CEO.
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how Okta identity and access management brings security stability and supports a zero trust framework.
A medical center and a children's hospital in Puerto Rico are victims of a recent ransomware attack impacting a total of more than a half million individuals. The combined incident is the largest ransomware breach reported to federal regulators so far in 2019. How is this threat evolving?
Many organizations use Active Directory as their domain network management tool of choice. But security experts warn that without locking down and regularly auditing AD, the ease of use that it provides to network administrators can also be tapped by hackers. Start here for essential defenses.
Warning: Attackers are abusing poorly secured and managed implementations of Microsoft Windows Active Directory to hack organizations and distribute ransomware. Fewer old operating systems and greater Active Directory security knowledge are helping mitigate the threat. But experts say more must be done.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
A major misconception about cloud IAM is that it's easy to implement, says Mark Perry, CTO for APAC at Ping Identity. Implementation poses challenges, and cloud IAM must be carefully integrated with other systems, he says.
Misconfigured file storage technologies and a lack of basic security controls are the root causes for the inadvertent online exposure of 2.3 billion files worldwide that contain personal information, including sensitive medical data, says Harrison Van Riper, a security researcher at Digital Shadows.
Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions.
Flat-out, traditional IAM practices are insufficient to secure a modern enterprise that relies on such diverse endpoints and connected devices. But API management can play a strong complementary role, says Jay Thorne of CA Technologies, a Broadcom company.