Home / Tag Archives: multifactor authentication

Tag Archives: multifactor authentication

Defense Innovation Board Issues White Paper on Zero Trust Architecture

The Defense Innovation Board approved at its quarterly meeting in Silicon Valley a white paper calling for the Pentagon to implement zero trust architecture to counter cybersecurity threats, Fedscoop reported Wednesday. The document titled “The Road to Zero Trust (Security)” notes that ZTA can help the Department of Defense track and block threat actors and manage rules of access for devices and users across the department to facilitate secure data sharing.

Read More »

Jose Arrieta: HHS Eyes Blockchain Tech Partnership With DISA for Identity Verification

Jose Arrieta, chief information officer at the Department of Health and Human Services, said HHS plans to team up with the Defense Information Systems Agency (DISA) to leverage the HHS Accelerate blockchain procurement system in identity management, Federal News Network reported Thursday. Arrieta said he plans to meet with DISA officials to discuss a pilot project to link the blockchain tool to a user’s mobile phone or wearable device to better track behavioral data for identity verification.

Read More »

Michael Duffy on Agencies’ Compliance With DHS Directive on DNS Tampering Campaign

Michael Duffy of the Department of Homeland Security said there are only “a handful” of agencies that still need to comply with the requirements of an emergency directive that DHS released in January to address Domain Name System tampering activities, FCW reported Friday. Duffy, acting deputy director of DHS’ federal network resilience division, said during a Thursday meeting of the Information Security and Privacy Advisory Board that those agencies deal with "external dependencies" on DNS providers that make the process challenging to adopt multifactor authentication.

Read More »

DHS’ Christopher Krebs Issues Directive to Address Domain Name System Tampering Campaign

The Department of Homeland Security has released an emergency directive to guide federal agencies how to address Domain Name System tampering activities. Attackers compromise DNS by targeting user credentials, altering DNS records and accessing valid encryption certificates that allow them to decrypt the redirected traffic, Christopher Krebs, director of DHS’ Cybersecurity and Infrastructure Security Agency, wrote in the directive released Tuesday.

Read More »

GSA Unveils Changes to SAM.gov User Info Verification, Login Procedures

The General Services Administration has established new controls for its online registration platform for government contractors and federal assistance requests in an effort to build on measures implemented earlier this year to address alleged fraudulent activity. GSA said it will no longer require entities creating or updating their registration in the System …

Read More »

Inspector General: DOI Must Update Logical Access Controls to Protect Sensitive Data

The Interior Department‘s Office of Inspector General has recommended that DOI update its logical access control policies in order to meet current sensitive data protection requirements established by the National Institute of Standards and Technology. DOI OIG said in an Aug.8 audit report it reviewed the department’s security policies and procedures that apply to its computer …

Read More »