Re-remembering AllowOverride

Apache’s AllowOverride option, which determines the control allowed via an htaccess file in a directory, can be an irritating little setting when you forget about it. This time around it caught me because I thought I had set it correctly and couldn’t...

Congress Considering Cybersecurity Law

Congress is continuing debate on changes to cybersecurity law(s). This would be the first major update since 2002 (the Federal Information Security Management Act of 2002, aka FISMA). We’re in the process of reviewing some of the drafts and looking at the...

Security Considerations – Single Sign On

Yesterday we had a conversation about single sign on and the potential for increased exposure because of the single security control. It’s an interesting challenge, minimizing the number of passwords people need to remember and use while maintaining layers of...