security Archives | Perficient Digital
Posts Tagged with security

Azure Active Directory Setup with Multi-Factor Authentication

I was recently asked to setup an eCommerce Windows site environment that can be managed from a centralized location and comply with the Payment Card Industry Data Security Standard (PCI DSS). Active Directory is the solution from where Windows servers can be controlled and managed using Domain Users and Group Policies. However, an additional layer […]

Read more

Mastering AEM Dispatcher Part 7: Securing the Dispatcher

We’re locking down the AEM Dispatcher as we continue in the series, Mastering the AEM Dispatcher. In this post, we’ll discuss gotchas with Sling Servlets and the AEM Dispatcher and a tool to scan your Dispatcher for common security issues. The AEM Dispatcher is not just a caching engine and load balancer is the first […]

Read more

Fortifying your eCommerce Servers with a Bastion Host

Ensuring the security of business-critical servers hosting e-commerce websites is a challenge in itself. And with the internet becoming an increasingly hostile environment, with threats of all kinds lurking around and ready to exploit, one needs to be a step ahead and increase the perimeter of their security. A bastion host, as the name itself […]

Read more

Get Ready for New Closed User Group in AEM 6.3

Adobe Experience Manager (AEM) 6.3 ships out with new Closed User Group (CUG) implementation. The new implementation is based on Apache Jackrabbit OAK module named oak-authorization-cug. The new implementation provides authorization to view content for specific principals with read access to the target node and its subtree, without interfering with other access control lists’ (ACL) […]

Read more

Sitecore Security Settings Involving the Home Item

Usually the Home Item in a Sitecore site infrastructure is a key item since all other pages of the site are descendants of this one item so if the wrong thing happens to this item, the site can go down.  So this particular item tends to get protected from a security stand point. A short […]

Read more

Security and Compliance in the Adobe Cloud Products

Whenever an organization considers moving systems to the “cloud”, the first question that comes up is: “What about security?”  This is an extremely important question and is almost always a showstopper for people new to the cloud.  If you move data to the cloud and don’t consider the consequences of not complying with industry and […]

Read more

Google Search for Work 101: Guide to Security

Well, I am probably going to kick myself for trying to do this, but I have finally decided to write an overview of Google Search Appliance security.  I realize this is a bit like trying to write an article on how the Internet works – the topic is broad, it has been covered by many people […]

Read more

My Top 7 Google Security Tips for Users and Admins

I.  Create Safe and Secure Passwords – By far the easiest way to access your mail account for nefarious activity is by using a stolen password. Google Apps User Make sure you create safe and unique passwords for all your important accounts Make sure you store your passwords in a secure way Try using a password generator […]

Read more

Is your Google Search Appliance platform secure?

If you have read Google’s product literature, you know that the Google Search Appliance is a very secure device.  The bright yellow appliance runs a hardened version of CentOS, and the inner-workings are safely hidden behind root login. So, assuming we are dealing with an appliance with Fort Knox-level protection, what risks remain?  Below are several potential […]

Read more
Protect your GSA against an OpenSSL Vulnerability

Protect your GSA against an OpenSSL Vulnerability

You may have read recent media coverage about the SSL/TLS MITM vulnerability (CVE-2014-0224).  OpenSSL.org describes this vulnerability as follows: An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic […]

Read more