Uncategorized

Innovating Security Compliance Through Open Standards

I’ve been fortunate enough to have been involved with open standards and open source communities for most of my career, and I couldn’t be more excited to continue that tradition with Easy Dynamics. I’d like to give a little bit of background on my journey thus far, then give my take on our recent announcement around the Open Security Controls Assessment…

Read More

Four Things We Love About the Executive Order on Improving the Nation’s Cybersecurity

The security of the federal systems we support is our top priority at Easy Dynamics. So we were thrilled to see the recent Executive Order (EO) on Improving the Nation’s Cybersecurity capture some of the key security themes that we regularly promote, like information sharing, zero trust architecture, secure software development, and response capabilities. Given the recent string of high-profile…

Read More

Presentation Attacks: From Mission Impossible To The New Normal

It’s a staple of the Mission Impossible franchise – Tom Cruise and his crew use advanced latex 3D face masks to impersonate someone else and enter a building, vault, or other restricted areas. This used to appear so futuristic and truly only the stuff of Hollywood movies.  Tom and his crew were giving us all a glimpse at what an impersonation attack…

Read More

Stimulus Bill: How An Investment Of $300M In Digital Identity Could Help Americans

The ability of individuals to recognize and trust each other plays a fundamental role in our economic and social interactions. Prior to the digital age, identification systems relied on physical documents and face-to-face interactions, a system that came with a high level of assurance. However, the proliferation of internet-enabled devices has made it substantially easier for malicious actors to disguise,…

Read More

Three ways the Digital Identity Legislation can improve the identity status quo

When I recently applied for a new credit card, the issuing bank sent me a letter to verify my identity first. The options were to either visit one of their branches to show my ID, mail in a copy of my ID, or provide a recent utility statement. Not wanting to take time out of my day to visit a…

Read More

Key Considerations for Organizational Privacy 

As summer turns to fall, our world is settling into the rhythms of life under COVID-19, preparing for another season of sweatpants, existential dread, and peanut butter cups for lunch. The drumbeat of COVID life also involves skyrocketing rates of digital interaction, with all the privacy implications that go along with it. As an enterprise information security professional, you can’t…

Read More

Do You Really Need A Blockchain?

Blockchain is (still!) all the rage at identity and cybersecurity conferences. Blockchain sounds new and exciting, looks slick on marketing materials, screams “innovation!,” powers cryptocurrencies like Bitcoin, and has been billed as a cure-all for a variety of use cases. The US Federal Government faces so many technical challenges that it’s no wonder there’s interest in a magical cure! I…

Read More

10 Things We Love About The NIST Privacy Framework

As cybersecurity and identity professionals, you might think we nerd out all day long talking about authentication, identity proofing, and federation – and you’d be mostly right. We are passionate about cybersecurity and identity but, for the record, we’ve been longtime privacy superfans. Frankly, we think good privacy enables good identity, not the other way around. Given NIST’s recent release…

Read More

10 Things We Love About The Updated Federal Identity Guidance 

On May 21, 2019, OMB issued a new cybersecurity memorandum, M-19-17 – Enabling Mission Delivery through Improved Identity, Credential, and Access Management, setting forth a modernized policy for the federal government’s approach to Identity, Credential, and Access Management (ICAM). This long-awaited memo represents a major overhaul of federal identity policy and strategically points agencies to the risk-based approach detailed in…

Read More

Supporting Multiple Environments in a single TeamCity Build Config

Having multiple build configs can clutter up the TeamCity dashboard and make maintenance bothersome. The use of inheritance and build templates can help with maintenance, but that doesn’t solve the issue of having a build config for each environment (DEV, TEST, PROD, etc). Using TeamCity service messages and the TeamCity REST API can help solve this problem and keep all…

Read More