In the online world, knowing and trusting who you are interacting with has been a problem for decades. When it comes to assessing the state of identity verification, "we certainly have a lot of problems to address," according to identity expert Jeremy Grant of Venable.
While multifactor authentication helps solve some of the problems with passwords, we still need to get to being truly passwordless, said Susan Koski, PNC Financial Services. She said adopting the FIDO standards, using zero trust and relying on authentication analysis can all help speed the journey.
Thoma Bravo has agreed to spend $12 billion on three high-profile identity acquisitions to help with the transition from on-premises licenses to cloud-based subscriptions. Vendors in the space must expand their customer success organization and shift incentives for the salesforce, said Chip Virnig.
While the concept of zero trust has been around for years and has been adopted by the federal government, most small- and medium-sized businesses still don't know how to implement zero trust, said Chase Cunningham. But progress is being made - with a big focus on automation.
As COVID-19 made remote work more prevalent, managing identity through both network and remote capabilities became a challenge for organizations. Zero trust is a big initiative for the Center for Internet Security, but applying zero trust principles to its infrastructure has not been easy.
Diabetic patients who used a Medtronic smartphone app for managing insulin levels are being told that Google may have collected certain personal information through the sign-in infrastructure. The disclosure comes amid a wave of healthcare providers reassessing their use of third-party tools.
Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company. The Swedish firm said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets and land clients in new verticals.
Healthcare sector entities have a special mix of identity and access management challenges, but other factors, including the shortage of skilled cybersecurity expertise, create even more obstacles, says Dave Summitt, vice president, cybersecurity, at Florida Cancer Specialists & Research Institute.
In the latest weekly update, Venable's Jeremy Grant joins ISMG editors to discuss how to defend against the increasing use of MFA fatigue attacks, takeaways from a recent U.S. probe into compliance issues related to Login.gov services and the latest updates on the Improving Digital Identity Act.
The FBI and other national police are touting an operation that dismantled Genesis Market, a marketplace used by ransomware hackers and bank thieves to gain ongoing access to victims' computers. Genesis Market since 2018 offered access to more than 1.5 million compromised computers around the world.
Remote access provider Splashtop has bought server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments. The acquisition of Foxpass will simplify the onboarding experience for developers while ensuring passwords aren't being shared.
Forrester recently published a report that shows over two-thirds of European security decision-makers have begun to develop a zero trust strategy, and public sector organizations are leading the way. Forrester's Tope Olufon shares the cultural and regulatory roadblocks to zero trust.
Okta Identity Governance has enjoyed success in its first quarter of global availability as businesses unify access management and governance. Okta is surprised by the amount of traction its governance offering has gained with large enterprises and in competitive bake-offs, says CEO Todd McKinnon.
The situation at LastPass keeps getting worse: The company says hackers implanted keylogger software on a DevOps employee's home computer to obtain access to the corporate vault. Customer vault data can be decrypted only with the end user master password, which LastPass doesn't store.
Twitter says it will turn off SMS second-factor authentication for all but paying customers starting March 20 in a decision provoking concerns that many customers will be less secure than before. Twitter says 2.6% of active Twitter accounts have activated second-factor authentication.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.