Implementing Zero-Trust Azure DevOps Environment for Secure Code Deployment

At a previous job, where I was a senior sysadmin, I put together a proposal for a zero-trust approach to building and shipping code for both customer-facing apps and IaC work. I don’t know if it’s been adopted, but my current company is discussing something similar. Here’s a general outline, I’d be interested to get

What sort of magic is fingerprint authentication?

All biometric identification forms broadly contain four qualities: everyone has it, everyone’s is unique, the characteristic remains stable over time, and it should be easy to collect. Fingerprints, unlike some other forms, like facial scans, generally require the cooperation of the individual being enrolled in biometric authentication; when the characteristics of their fingerprint will be

BIOS Malware? Scary, but preventable.

There are different types of BIOS out there, though mostly in computing we encounter 16-bit conventional BIOS, or BIOS firmware based on UEFI specifications. Despite their differences, in many cases the two terms are both referred to as BIOS, though there is an important distinction when it comes to security settings like Secure Boot, or

How do MFA Tokens work, anyway?

So you’re curious about the backend processes for tokens that generate one-time-passwords (OTPs) such as the RSA token, or something like an authenticator app? First, it’s important to note that there’s a distinction between something like a Duo challenge and response and a code generator, like Microsoft Authenticator and similar apps. An app like Duo, when