Dave Cullinane
Recent articles by Dave Cullinane
Second-factor authentication
Three or four years ago Howard Schmidt commented that we should have moved away from username and password as an authentication mechanism years before. I recall nodding in agreement with his statement. So I was hardly surprised when the The Federal Financial Institutions Examination Council (FFIEC) issued its guidance calling for the use of second-factor authentication in online banking. In the view of many vendors, this guidance — after an earlier FDIC advisory on internet banking security — “represents a definitive step toward eliminating single-factor authentication by financial institutions.” There are alternative views.
Feb 7 2006 7:46PM
Efficiency and effectiveness
I had the pleasure of attending a session with a "guturist" recently — a gentleman by the name of Michael Tchong. He spends much of his time analyzing trends and patterns in technology, human behavior and other areas and uses that information to forecast future trends and directions. While his technology and business predictions were fascinating, one of the comments he made struck me as particularly appropriate to those of us in information security:
"If you can't do it for the same cost or lower — outsource it."
Jan 11 2006 10:26PM
Law is nothing without enforcement
There is a great deal of legislation being proposed that could have a big impact on information security, most of it the result of concerns over ID theft.
Jul 21 2005 5:27PM
