One of our fellow CTOs asked us a question recently, “Say you’re using a 3rd party Identity Provider for User Account Management and there are operations that require a SUDO/God mode with elevated permissions assertions (maybe via SMS verification or some other form of assertion such as re-entering the password). How do you do it?” This is a very good … Read More
Why you should get rid of home-grown password systems immediately
While Application Security is a complicated issue and deserves a playbook of its own, software development companies and developers alike should start taking the first steps in the forefront of application security, and that involves, getting RID of homegrown password systems.
The Case for Decentralized Blockchain Identity
What does Identity mean to you? Hint: It depends on the context you are looking at the identity in. Different people have different meanings for identity. For a Bank, Identity might be your Account Number and your Social Security Number. For the SEC, it might be anything that validates KYC. For Hospitals, it is your Healthcare record For you favorite … Read More