The Bedel Security Blog

Information security expertise exclusively for you.

Sign Up Today

Access & Authentication

1 min read

Is Your M365 Conditional Access Unconditional?

Brian Petzold: Sep 1, 2023

As attackers are finding new ways to get around multifactor authentication in Microsoft 365, conditional access is becoming more important....

Policy Remote Access Banks Access Access & Authentication Access Reviews
Read More

2 min read

“Banking” on Zero Trust: An Essential Shift in Cybersecurity

Tony Bushong: Jul 7, 2023

Ever heard Rick Howard's analogy of networks being like M&M candies? Imagine a hard exterior shell but with a soft, less secure core. Traditional...

Threats MFA Banks Access Access & Authentication Access Reviews Zero Trust
Read More

1 min read

Cloud Security Challenges

Vance Monical: Jun 30, 2023

As financial institutions increasingly embrace the benefits of cloud computing, the importance of cloud security cannot be understated. While the...

Cloud Access Banks Access Access & Authentication
Read More

2 min read

Addressing the MOVEit Vulnerability: Actions for Financial Institutions

Trisha Durkin: Jun 23, 2023

Financial institutions rely on numerous third-party providers to support their operations and deliver essential services. However, these partnerships...

Risk Threats Banks Access Access & Authentication 3rd party Third-Party
Read More

3 min read

5 Steps to Utilizing Key Controls

Chris Bedel: May 26, 2023

Recently we’ve received a number of requests for “Key Controls” from auditors or examiners for the financial institutions we work with. Fortunately,...

CySPOT Controls Risk Assessment Access & Authentication Key Control
Read More

2 min read

5 Things I Learned at a Bank IT Conference

Chris Bedel: Apr 28, 2023

I recently had the opportunity to attend, and speak at, the Southeast Community Bank I.T. Rightsourcing Conference in Georgia. It was a great 1-day...

Culture Access & Authentication IT Core
Read More

2 min read

Corporate Account Takeovers

Vance Monical: Apr 7, 2023

I want to talk about something that’s been on my mind a lot lately: corporate account takeover (CATO). As someone who has worked in the cybersecurity...

Threats MFA Banks Access & Authentication CATO Corporate Account Takeover
Read More

2 min read

The FDIC InTREX Gets Audited

Brian Petzold: Feb 10, 2023

While the FFIEC has released three major guidance updates since July 2019, the FDIC has not updated its examination program to include the newer...

Policy Controls Governance FFIEC Access & Authentication Audit Exam GLBA
Read More

1 min read

The What, Why, and How of Complementary User Entity Controls

Trisha Durkin: Jan 13, 2023

Reviewing Complementary User Entity Controls (CUECs) is an important part of any financial institution’s third-party management program. However, we...

Controls Access Access & Authentication 3rd party Third-Party Passwords Access Reviews
Read More

3 min read

Discussions Triggered from the LastPass Breach

Brian Petzold: Jan 6, 2023

Over the past month, many have written about the latest LastPass breach. If you have not kept up with the breach, you can see the disclosure from...

Risk Threats Controls Cloud Access MFA Access & Authentication Passwords
Read More
1 2 Next