, 2005-10-18
People who lived through the Second World War, like my grandparents, had a very different view of money than those of us who grew up in the Information Age. Many of us still remember being told how foolish it is to keep one's life savings under a bed mattress, because the banks were known as trusted entities that will always do a better job of looking after your money. Even my grandparents, albeit reluctantly, came to realize that putting trust in financial institutions was the only way to go.
Expand all |
Post comment
Two-factor banking
2005-10-19
Todd Knarr (2 replies)
Todd Knarr (2 replies)
Re: Two-factor banking
2005-10-19
Anonymous (1 replies)
Anonymous (1 replies)
Re: Re: Two-factor banking
2005-10-19
Todd Knarr (1 replies)
Todd Knarr (1 replies)
Two-factor banking
2005-10-19
Anonymous (1 replies)
Anonymous (1 replies)
The regulation does not require two-factor authentication
2005-10-20
Anonymous (2 replies)
Anonymous (2 replies)
Two-factor banking
2005-10-20
Anonymous (3 replies)
Anonymous (3 replies)
What we have found is that auditors don't generally understand networking very well. Here's a good example.
During an OTS audit, the auditors got all wound up comparing the firewalls for two separate networks we've got. One was fronted by a Watchguard Firebox. The other had an OpenBSD box running a PF firewall. The Firebox was a fairly standard configuration. Essentially, nothing in everything out. The OpenBSD box was being used for a test network. At the time of the audit it only allowed HTTP and HTTPS out. Still nothing in.
They kept trying to tell us that we needed to swap out OpenBSD box and replace it with another appliance similar to the Firebox because a hardware-based appliance will always be more secure than a *nix-based box.
?
So while we are certainly going to implement certificates on both sides, we know the requirement to start using some piece of hardware is coming.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/363/32603#32603