In March, Google launched the latest salvo of their public feud with Symantec over risk management of HTTPS credentials. Google Chrome developers announced plans to stop recognizing all extended validation status certificates issued by Symantec-owned Certificate Authorities (CA). This mass…

Wi-Fi is a technology for wireless local area networking using radio wave transmission and based on the IEEE 802.11 standard. Wi-Fi is used widely in private homes as a convenient and inexpensive method of networking. Many businesses and public places provide Wi-Fi as an amenity for both…

Every security engineer is no doubt familiar with the critical principles of security, namely the CIA Triad:  Confidentiality, Integrity and Availability (or, AIC Triad). [1]  If the Gartner Group has its way, there soon will be a fourth pillar to the CIA Triad:  Safety. …

Data Provenance (DPROV) in the health Information Technology (IT) context refers to the creation of health IT data and the tracking of its permutations throughout its life cycle.  As the demand for data exchange increases, the need for confidence in the “authenticity, trustworthiness and…

Until passwords are extinct, we must manage them. After passwords are extinct, we must manage their replacements.

For those familiar with the Federal Information Security Management Act (FISMA) evaluations, the concept of Authenticator Management should be familiar from the…

Technologies in the healthcare IT industry are converging with time and are far out pacing the legacy systems used by hospitals and healthcare providers. Cloud technology offers a replacement for these legacy systems  with easier and faster access to this data as defined by the way it is…