In today’s mobile and cloud-first world, zero trust has become a key requirement for organizations looking to secure the digital infrastructures where their applications, data, users and devices reside.

There’s little doubt that COVID-19 changed the rules of the game where enterprise security is concerned. Historically, security models were based on 'castle and moat' style architectures where the enterprise’s network and data center were guarded by firewalls on the perimeter. When users left the 'trusted' enterprise network, VPNs were used to extend the enterprise network to them.

Continue reading →

A new report shows that 91 percent of organizations in the financial services, technology, telecoms, and aviation sectors worldwide intend to increase their spending on identity verification solutions in the next one to three years.

The report from Regula says 17 percent of businesses intend is to dedicate 11-20 percent of their IT budget annually to IDV solutions, with 15 percent of businesses opting for 21-30 percent.

Continue reading →

According to a new study 70 percent of companies report they're paying for identity tools they're not actively using.

The research from OneIdentity, which surveyed over 1,000 IT security professionals, shows 96 percent of companies are using multiple identity management tools, with 41 percent deploying at least 25 different systems to manage access rights.

Continue reading →

A Freedom of Information request by identity verification company ID-Pal reveals that complaints to the Financial Ombudsman Service in the UK regarding identity fraud soared over the COVID-19 pandemic, finishing 2020 at 44 percent higher than 2019.

Even as the pandemic came to an end numbers in 2021 were still over 18 percent higher than pre-pandemic levels in 2019. Figures so far this year suggest that if identity fraud continues at the same pace, 2022 will see a 10 percent increase in complaints compared to 2021.

Continue reading →

Around the world governments are increasingly keen on introducing digital identity systems for their citizens. These are seen as a secure way for people to access government and other services as these move online.

We spoke with Philipp Pointner, chief of digital identity at Jumio, to find out more about digital ID and its implications for security and privacy.

Continue reading →

Recent years have seen endless stories of human identity being exploited heavily in attacks. The malicious actors behind these attacks have compromised human identities (usernames, passwords and 2 factor authentication) to steal valuable data from countless companies and individuals. The COVID-19 pandemic and the shift to remote work dramatically increased the risks connected with human identities as people accessed corporate networks from many new locations and devices.

But while security departments have increased their investments in protecting human identities, many are still neglecting the risks connected with machine identities. Machines of all types including hardware, software and containers all need unique identities in order to connect and communicate securely, yet most businesses have very limited security controls in place to protect them. 

Continue reading →

Identity fraud is on the rise, with cybercriminals employing increasingly sophisticated techniques including realistic 2D/3D masks and deploying display attacks (e.g. showing a picture of a person on a screen) to try to spoof biometric verification systems.

Identity verification specialist Onfido is launching a new 'biometric liveness solution' called Motion which is aimed at increasing verification speed and ensuring that it’s seeing a real person.

Continue reading →

Identity data is frequently stored by organizations using a variety of sources, formats, and protocols, sometimes making it impossible to access essential identity information needed for security and business decisions. Without precise identity data, systems cannot decide what users should and should not be able to access which resources. Even worse, to make life easier for the admins, sometimes the default is overextending access and over-privileging accounts. This raises the possibility of a successful breach, as well as the possibility that it will go unnoticed for a longer period of time.

The number of identities linked to companies has also been increasing exponentially -- a recent study by Gartner Peer Insights  found that 60 percent of organizations have more than 21 identities per user.

Continue reading →

A new study reveals that identity sprawl is a major problem for organizations, with 60 percent reporting as many as 21 separate identities per user.

The report from Radiant Logic and Gartner Peer Insights looks at the rapid growth of enterprise identity silos, and the explosion of user information, attributes, and credentials that accompanies it.

Continue reading →

At this point in the history of cybersecurity, the concept of a network perimeter seems almost quaint. The perimeter was like a moat or castle wall designed to keep the bad guys out. But the days of employees and all their digital tools residing within an isolated secure area are long gone.

Today, the walls have crumbled, and the moat has dried up. Now we live in a world where people can and do work from anywhere. And they need access to resources that may be located on premises, in the cloud, or even in multiple clouds. The dramatic changes in how people work mean you can’t use location to determine who can and can’t be trusted. Today’s new demands require a new security model. And that model has a name, zero trust.

Continue reading →

The introduction of the cloud has brought a lot of change to the world. A big one for enterprises is that it’s no longer a necessity to guard data on-premises. Most organizations today rely on a hybrid approach to hosting their applications, with an average of three or more different clouds driving various applications in their infrastructures.

While the cloud has delivered plenty of benefits to these businesses and transformed the way they think about data and security, they’re not all properly managing and securing applications across the enterprise.

Continue reading →

According to a new report 84 percent of respondents say their organization has experienced an identity-related breach in the last year, with 78 percent citing a direct business impact as a result.

The report, from the Identity Defined Security Alliance (IDSA), finds that 98 percent of respondents report that the number of identities is increasing, primarily driven by cloud adoption, third-party relationships and machine identities.

Continue reading →

The Fast Identity Online (FIDO) Alliance -- a group of technology companies including Apple, Google and Microsoft -- recently announced its commitment to supporting passwordless authentication across its products. FIDO’s plans have been in place for nearly a decade and work started long ago on a system that lets users log in to their online accounts without a password but instead with a PIN, biometric, iris scan or with voice recognition.

FIDO’s approach is expected to be implemented across Apple, Google and Microsoft platforms later this year and FIDO believes this will provide better protection over legacy multi-factor authentication and better protection against malicious phishing attacks.

Continue reading →

Only 16 percent of respondents to a new survey have a fully mature identity and access management (IAM) strategy in place, yet 56 percent have experienced identity-related incidents in the last three years.

The study carried out by the Ponemon Institute for enterprise identity specialist Saviynt shows that the 84 percent without a mature strategy are currently dealing with inadequate budgets, programs stuck in a planning phase, and a lack of senior-level awareness.

Continue reading →

Ransomware, software supply chain attacks, data breaches, and more have become an almost daily occurrence in an increasingly challenging threat landscape.

Automated threat detection company Blumira has released a new report based on its security detections which reveals that identity-based attacks and living off the land behaviors were the top threats organizations faced in 2021.

Continue reading →