Microsoft’s Security Study & How Regulations Can Hinder Security Advances | Sword & Shield Enterprise Security, Inc.

To what extent are you able to make life easier for your users, or to innovate in your security policies, before you run up against regulations?

Cormac Herley, a principal researcher for Microsoft, published a study last year that, among other things, finds that changing passwords adds no real value from a risk or security standpoint. Herley focuses heavily on the cost-benefit trade-off of regularly changing passwords (and its negative effect on productivity) versus the cost associated with password compromises.

Herley’s study gives some much-needed attention to an opinion many of us in the security industry have been expressing for years: much of the old security advice that has been handed down for 20 or 30 years is either no longer relevant, or was never effective to begin with.

via Microsoft’s Security Study & How Regulations Can Hinder Security Advances | Sword & Shield Enterprise Security, Inc.
