Identity, authorization, and authentication are some of the hottest topics in cybersecurity right now, with 80% of attacks involving some form of compromised identity. The proliferation of cloud-based and managed infrastructure and primarily data-driven organizations has made identity and security a top priority for organizations and regulatory bodies. Here, we’ll talk about identity governance–what it… Read More
Passwords are our oldest form of digital security… and, in most cases, one of the weakest links in identity management and authentication. Phishing, database breaches, and poor digital hygiene have made authentication challenging for security and compliance. They have become the quintessential keys to our online kingdoms. As cyberattacks grow more sophisticated, there’s a mounting… Read More
Providers looking into StateRAMP authentication standards may find themselves staring into a stack of requirements documents across multiple security frameworks and government contexts. Not only is this unhelpful for these providers, but it also makes the process sound much more intimidating than it needs to be. In this article, we’ll take a high-level view of… Read More
Moving through the requirements of PCI DSS 4.0, we’re well over halfway through. During this journey, we’ve touched on cryptography, security and perimeter management, network security, authorization, and other critical security considerations. Now, we come up against the authentication and identity management problem with the eighth requirement. Authentication isn’t simply about passwords and CAPTCHAs, however.… Read More
In the financial industry, fraud is a natural and ever-present challenge. Digital banking and international finance have only compounded this problem, and anti-money laundering and fraud laws in the U.S. have evolved to address these issues. In modern times, the overlap of identity management, authentication, and identity assurance has led to more comprehensive forms of… Read More