FB pixel

Digital identity, access management efforts are dangerously fractured — insiders

| Jim Nash
Categories Access Control  |  Biometrics News  |  Trade Notes
 

cybersecurity online authentication

Threat complexity outstrips the identity and access management capabilities of governments and businesses, and the situation is made worse because digital identity management tactics and strategies are uncoordinated.

A survey of 150 U.S. IT executives paid for by ThycoticCentrify, a recently-merged privileged access management vendor, found that 89 percent had deployed credible management in cloud and multi-cloud environments.

But 40 percent of respondents said multi-cloud layouts have become a pain to work with. They reported that they are using different IAM tools for each cloud services. For context, 75 percent of those responding said they started adopting cloud strategies for digital identity three to six years ago.

Too often organizations lack of a coherent and integrated strategy even as cyber threats grow in number and in scale, and are tailored to national and world events such as the pandemic. Nine in 10 attacks on cloud environments in the last year were made possible by compromised privileged credentials, according to the survey.

Uncoordinated strategies bedevil the federal government, too.

Speaking at a cyber defense summit this month, Chris DeRusha, the federal chief information security officer, said that agencies deliberately cut themselves off from other agencies when preparing IAM budgets.

At the same time, officials are falling for vendor marketing that confuses the issue.

Zero trust is fairly widely accepted as something to implement in keeping data secure, but, said DeRusha, that is a strategy, not a product. Companies are pitching digital identity products they have had been selling for some time as new zero trust products.

It is a strategy for securing data stores and access which includes credible technology, he said.

In a Nextgov article, DeRusha listed three principle of zero trust: user verification, device validation and intelligently limiting access.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Identity industry rethinks fraud-versus-friction tradeoff

If you spend enough time with the biometrics and identity crowd, you will eventually hear someone whisper fretfully about the…

 

UK biometrics watchdog backs expanded oversight role for Scotland

The UK’s Biometrics and Surveillance Camera Commissioner (BSCC) has backed a stronger role for Scotland’s biometrics watchdog, warning that the…

 

OCR Studio launches neural network for document collages, updates deepfake detection

OCR Studio has launched a neural network technology that reliably detects document collages that fraudsters use during KYC and customer…

 

Evrotrust partners with Shufti as it expands digital trust services in DACH

Bulgarian national eID provider Evrotrust has signed an agreement with identity verification firm Shufti as it expands its presence in…

 

Heuristik targets healthcare biometrics with AI built for clinical conditions

Spanish biometrics company Heuristik has global ambitions, a personal origin story and government backing for its neural network focused on…

 

Smart glasses, mobile FRT normalize ambient biometric surveillance

Meta’s smart glasses and Immigration and Customs Enforcement’s (ICE) expanding use of mobile facial recognition point to a broader shift…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events