Not All Background Checks Are Created Equal

Get Control of SSL/TLS Certificate Security

Web Application Authorization and Authentication Explained

Security for Embedded Applications: Authorization

In this video, we cover the second “A”: authorization, which refers to defining and enforcing privileges and permissions for a user. There are two common methods for authorizing users: role-based access control (RBAC) and the access control list (ACL). In the first, a user is defined as a member of group -- say finance administration -- and the group as a whole is assigned permissions. Another group in finance -- finance accounts payable -- could be assigned a different level of permissions. ACLs provide a finer-grained level of control. For embedding purposes, users, groups, and roles should be defined by the parent application. Read More

Security for Embedded Applications: Auditing

This video explains the importance of auditing to the security environment for embedded applications. Especially in highly regulated industries like healthcare and financial services, it’s not enough to correctly configure authentication and authorization. You have to be able to prove it that you’ve done it. External regulators and internal auditors will want to review a record -- an audit trail -- of user activities within the application. To provide that, the parent application logs user activities. The embedded application should support centralized logging so it can use the parent application’s logging environment. Read More