FB pixel

Digital identity, access management efforts are dangerously fractured — insiders

Categories Access Control  |  Biometrics News  |  Trade Notes
 

cybersecurity online authentication

Threat complexity outstrips the identity and access management capabilities of governments and businesses, and the situation is made worse because digital identity management tactics and strategies are uncoordinated.

A survey of 150 U.S. IT executives paid for by ThycoticCentrify, a recently-merged privileged access management vendor, found that 89 percent had deployed credible management in cloud and multi-cloud environments.

But 40 percent of respondents said multi-cloud layouts have become a pain to work with. They reported that they are using different IAM tools for each cloud services. For context, 75 percent of those responding said they started adopting cloud strategies for digital identity three to six years ago.

Too often organizations lack of a coherent and integrated strategy even as cyber threats grow in number and in scale, and are tailored to national and world events such as the pandemic. Nine in 10 attacks on cloud environments in the last year were made possible by compromised privileged credentials, according to the survey.

Uncoordinated strategies bedevil the federal government, too.

Speaking at a cyber defense summit this month, Chris DeRusha, the federal chief information security officer, said that agencies deliberately cut themselves off from other agencies when preparing IAM budgets.

At the same time, officials are falling for vendor marketing that confuses the issue.

Zero trust is fairly widely accepted as something to implement in keeping data secure, but, said DeRusha, that is a strategy, not a product. Companies are pitching digital identity products they have had been selling for some time as new zero trust products.

It is a strategy for securing data stores and access which includes credible technology, he said.

In a Nextgov article, DeRusha listed three principle of zero trust: user verification, device validation and intelligently limiting access.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics startup gets accelerator backing for Africa, Middle East expansion

Startup Vove ID has secured funding from The Baobab Network to support an expansion of its biometric KYC and AML…

 

NHIs see new funding, products and security approaches

Non-human identities (NHI) like AI agents now outnumber human users in many organizations. Companies are coming up with products to…

 

White House includes NSF research on deepfakes among threats to free speech

The U.S. National Science Foundation (NSF) has new priorities, and while some might call them great priorities – tremendous priorities,…

 

Infineon powers demo of edge biometrics for user onboarding

Edge AI and embedded systems developer embedUR unveiled a pair of solutions for computer vision and biometric onboarding made with…

 

Fintechs crucial to trust needed for financial inclusion: Rwanda Stock Exchange CEO

The growing emergence of fintechs in Africa represents major hope for the continent’s financial inclusion efforts. However, one serious problem…

 

Age assurance enforcement concerns raised as porn sites drag feet

A barking dog is alarming, but if it has no legs, it’s not scary for very long. This is particularly…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events