BPM’s David Trepp and Joshua Schmidt Write in ISACA Journal


The most common IT technical attack method is defeating passwords, credentials and authentication mechanisms. And with a set of stolen credentials or bypassed authentication, a validated user on the system can sidestep many security safeguards.

So how can business leaders protect themselves, their teams and their data in an era where some of the biggest businesses have failed?

BPM’s David Trepp and Joshua Schmidt from the Firm’s Information Security Assessment Services team take a deep dive into the topic of password management and provide tips for companies constantly playing defense against a sea of unseen hackers.

Read their article on The Gentle Art of Password Management in a recent edition of the ISACA Journal.

About David Trepp  

An avid technologist since he discovered programmable HP calculators in the 1970s, David has been a technology entrepreneur for over 30 years.  David’s led thousands of information security penetration test engagements for satisfied customers across all major industries throughout the United States and abroad. He has given dozens of presentations to audiences nationwide, on a variety of information security topics. David has worked in information security with commercial, healthcare, government, financial, utility, law enforcement and nonprofit organizations since 1998. 

About BPM’s Information Security Assessment Services  

The value of information security is often only recognized after a breach or incident has impacted a business and its bottom line. Without specific regulatory guidance, businesses are often unsure of the risk mitigation measures that are appropriate for their industry and threat environment. BPM understands how to balance information security and business needs. Our Comprehensive Penetration Testing service will identify vulnerabilities in your IT infrastructure, allowing you to make well-educated decisions on where to best allocate your resources. Learn more at

Related Insights