Articles about Identity

Today, almost every organization and most individuals are using or experimenting with Artificial Intelligence (AI). There are plenty of examples of how it is changing businesses for the better, from marketing and HR to IT teams. What was once computationally impossible, or prohibitively expensive to do, is now within reach with the use of AI.

According to Gartner, approximately 80 percent of enterprises will have used generative AI (GenAI) APIs or models by 2026. As AI drives value for organizations, it is fueling further demand and adoption.

Continue reading →

The average organization has roughly 1,400 permissions for every employee, according to a new report from Veza.

The findings also show that identity teams face a daunting number of groups and roles to manage. With organizations averaging nearly 700 groups for every 1,000 users, it is difficult for admins to choose the least-privilege groups and roles that will meet the needs of any given employee, contractor, or service account.

Continue reading →

As we move away from passwords to other forms of authentication, there's increasing reliance being placed on technologies like biometrics.

But there's growing evidence that this technology could be flawed, with facial recognition exhibiting higher error rates for those with darker skin for example. We spoke to Dr. Mohamed Lazzouni, CTO of Aware, to discuss the ethical issue of bias in biometrics and what needs to be done to prevent it.

Continue reading →

A new report reveals that 67 percent of businesses routinely synchronize most of their users’ passwords from their on-premises directories to their cloud counterparts. This poses substantial security risks by creating a gateway for attackers to hack these environments from on-prem settings.

The report from Silverfort shows that in the rush to the cloud security gaps stemming from legacy infrastructure, misconfigurations, and insecure built-in features create pathways for attackers to access the cloud, significantly weakening a company's resilience to identity threats.

Continue reading →

A new report from IBM X-Force Threat Intelligence highlights an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide.

The 2024 X-Force Threat Intelligence Index report records a 71 percent spike in cyberattacks caused by exploiting identity as using valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.

Continue reading →

As organizations continue to embrace digital transformation to gain access to the cloud’s many benefits, this means that computing environments are evolving into borderless IT ecosystems. Digital identities are also evolving at pace and identity security is now a crucial aspect of cybersecurity. 

As we continue to digitally transform organizations, so the importance of secure and reliable digital identities has grown. 2024 is poised to usher in a multitude of innovations and trends in this area, ranging from advanced biometrics to the integration of artificial intelligence and machine learning to meet the changing needs of businesses, individuals, and governments.

Continue reading →

Most successful cyberattacks rely on compromised identity or social engineering. Yet this can be a major blindspot for enterprises with basic awareness of the problem lacking and a growing number of personal devices used for work.

We spoke to Jim Taylor, chief product officer of identity platform RSA, -- which recently published a report on the issue -- to learn more about the problem and how it can be addressed.

Continue reading →

Despite moves towards other means of authentication passwords are still widely used, making protecting digital identities a problem.

But identity affects other areas too, such as being able to verify content and devices, things which are likely to come more more into focus as we approach significant elections in the US and UK. Here are some expert views on the identity landscape for 2024.

Continue reading →

When we want to secure something highly valuable, say, a bag of ancient Spanish coins worth millions, we think of locking it behind as many layers as possible. For example, you might put it in a safe deposit box in a bank vault, nestled safely inside the institution that is itself blanketed with redundant physical security controls.

As organizations have become increasingly complex, so too have their associated layers of security around application access. Enterprises have tremendous amounts of applications and data, as well as users and devices with differing levels of permissions trying to access that data. To provide a consistent, IT-vetted method of creating, managing, storing, and authenticating the complexity of application access, we have arrived at Identity Provider (IdP) tools. IdPs are (typically) cloud-hosted services that store unique information used to identify users, organizations, and devices ("digital identities"), authenticate access requests, add/remove users, and provide security around these functions. Popular examples of solutions often used for IdP functionality include Okta, Microsoft Azure AD, and Duo.

Continue reading →

From letting hotels keep copies of our passports to handing over IDs for car hire or air travel, we seldom think twice about the implications of physically sharing our identity documents. By now, we’ve gotten accustomed to exchanging personal information in return for a product or service we value -- but we need to be more vigilant at a time when identity fraud is jumping as much as 37 percent.

Proof of a person’s identity is the key to accessing goods, services, financial accounts, and opportunities -- which makes identity a valuable target, motivating fraudsters to try to gain our trust to trick us into disclosing our personal information so they can impersonate us. They also hack into identity databases that store personal information of millions of consumers. As a result, the frequency of data breaches has increased exponentially. In fact in 2022 alone, identity theft reached a staggering $42 billion in the US.

Continue reading →

A new survey of 500 financial executives in the US shows a 17 percent increase in 'synthetic' identity fraud cases over the past two years, with more than a third of professionals reporting a significant surge of 20 to 50 percent.

The study by Wakefield Research for Deduce finds that despite the industry investing in fraud prevention, 52 percent of experts believe that fraudsters are adapting faster than defenses can keep up.

Continue reading →

A new study of IT and security leaders at 567 US-based enterprises finds over over 95 percent of respondents say they are gravely concerned about identity-related threats.

The report from Omada shows 72 percent say their organization's users have unnecessary access and overly permissive accounts.

Continue reading →

It’s no secret that Americans are becoming increasingly concerned about their digital identities.

Take the recent case in Louisiana, where a whopping 6 million public records were exposed as part of a global attack on third-party file transfer app MOVEit. The attack made users more wary of trusting their data to often-obscure third parties. A recent survey, conducted across 1,000 U.S. consumers by Thales found that 44 percent are afraid their identity will be stolen in a cyberattack, and a quarter have no confidence in the protection of their personal data.

Continue reading →

Back in May, when World Password Day was once again in the news, we asked whether the days of the password were numbered.

Rishi Bhargava, co-founder of Descope, agrees that passwords belong to the past. We spoke to him to discover more and find out how new technologies like passkeys are driving the change.

Continue reading →

An organization's identity data today is its linchpin. This invaluable asset binds an enterprise together, orchestrating access rights, establishing a unified and accurate view of users across various channels, and empowering informed security decisions.

However, the identity infrastructure is continuously becoming more complex as businesses expand their digital landscape, bringing more users, devices, and applications within their IT environment. With this increasing complexity, poor data management can engender substantial financial losses and jeopardize sensitive user and customer data.

Continue reading →