NIST 800-63-3

Authentication Token Cybersecurity and NIST 800-63-3

Posted on Posted in Authentication, Cyber Security, identity and access management, mobile security

In June 2017, the National Institute of Standards and Technology (NIST) released its updated Digital Identity Guidelines in Special Publication 800-63-3.  The draft of this publication gained a lot of press in 2016 for highlighting the cybersecurity risks when using SMS for multi-factor authentication.  While the final version has not had as much focus, the […]

Assured Identity – Giving Apps the Finger

Posted on Posted in Authentication, Cyber Security

I recently returned from the AFCEA Defensive Cyber Operations Symposium where one of the main topics was Assured Identity, particularly as it pertains to Mobility.  The DoD’s Public Key Infrastructure (PKI) is well established as is the use of two-factor authentication via a Common Access Card (CAC).  However, with the proliferation of mobile devices, CAC […]