So I came across this interesting article about an insurance company that paid for the cost of a breach is now suing to get the money back from the insured company because of poor security practices. This potentially has huge consequences for organizations of any size.

Now not all insurance will cover the cost of a breach, but here we have at least one insurance company saying they will only cover breaches when the company at least makes some level of effort to follow best practices. They specifically note things like installing patches within 30 days of release, needing to change the default settings for access control and auditing their systems for detection of issues.

This seems to be a good push for forcing organizations to at least follow industry best practices, and strong authentication is a foundation of all security measures. For organizations needing to strengthen their security under tight constraints, solutions based on open source technology layered with easy to manage interfaces, such as GreenRADIUS, will become fundamental components for IT.