FB pixel

Digital identity, access management efforts are dangerously fractured — insiders

| Jim Nash
Categories Access Control  |  Biometrics News  |  Trade Notes
 

cybersecurity online authentication

Threat complexity outstrips the identity and access management capabilities of governments and businesses, and the situation is made worse because digital identity management tactics and strategies are uncoordinated.

A survey of 150 U.S. IT executives paid for by ThycoticCentrify, a recently-merged privileged access management vendor, found that 89 percent had deployed credible management in cloud and multi-cloud environments.

But 40 percent of respondents said multi-cloud layouts have become a pain to work with. They reported that they are using different IAM tools for each cloud services. For context, 75 percent of those responding said they started adopting cloud strategies for digital identity three to six years ago.

Too often organizations lack of a coherent and integrated strategy even as cyber threats grow in number and in scale, and are tailored to national and world events such as the pandemic. Nine in 10 attacks on cloud environments in the last year were made possible by compromised privileged credentials, according to the survey.

Uncoordinated strategies bedevil the federal government, too.

Speaking at a cyber defense summit this month, Chris DeRusha, the federal chief information security officer, said that agencies deliberately cut themselves off from other agencies when preparing IAM budgets.

At the same time, officials are falling for vendor marketing that confuses the issue.

Zero trust is fairly widely accepted as something to implement in keeping data secure, but, said DeRusha, that is a strategy, not a product. Companies are pitching digital identity products they have had been selling for some time as new zero trust products.

It is a strategy for securing data stores and access which includes credible technology, he said.

In a Nextgov article, DeRusha listed three principle of zero trust: user verification, device validation and intelligently limiting access.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Network International seals deals to streamline digital payments in Egypt, Libya

United Arab Emirates-based payments processing company Network International is expanding its influence in North Africa’s digital payments landscape with deals…

 

DHS quietly built pathway to track Americans through advertising data economy

For years, the Department of Homeland Security (DHS) quietly experimented with turning the digital advertising ecosystem into a surveillance tool….

 

UK provides ‘some certainty and reassurance to DVS providers’ on digital ID

The UK’s consultation on digital identity is expected to begin next week. Currently, the government’s policy is fundamentally tied to…

 

Data cooperatives offer antidote to digital excesses, SafeGuarden’s Crack argues

Cooperatives emerged as a reaction to the excesses of the industrial revolution. In the digital context, an equivalent can give…

 

Tycoon 2FA phishing empire dismantled in global cybercrime crackdown

A sprawling cybercrime platform that helped thousands of attackers bypass modern authentication protections has been disrupted in a coordinated global…

 

AI fraud pushing pace on need for advanced deepfake detection tools

A blog post for GetReal Security by Dr. Edward Amoros, CEO of TAG Infosphere and research professor at NYU, looks…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events