Identity Management

Continuous Authentication: Security for an Evolving Threat Landscape

Employees enter login credentials and, once authenticated, gain secure access to valuable network resources and applications. However, requiring users to go through the authentication process only once is turning out to be a risk factor in itself. This process leaves organizations vulnerable to risk every time an employee steps away from their desk, clicks a link, shares a password, or misplaces a mobile phone. If a user authenticates only at login, credential misuse mid-session can go unnoticed.

Taking Mobile Authentication Mainstream

The online hub for the modern workforce is the mobile phone—making reliable, frictionless security critical. Without it, text messages, location data, contacts and any account information stored on the phone is at risk for theft and misuse. Moreover, the broader universe of enterprise applications accessed through the mobile device can be imperiled.

A Brief History of the Password & Why It Matters

“Success in creating AI would be the biggest event in human history. Unfortunately, it might also be the last, unless we learn how to avoid the risks.”

– Steven Hawking

Protecting Biometrics at Rest, an Essential Tutorial

Biometric authentication is fast and convenient. Touch your phone and it is unlocked. Look through an iris scanner and enter a secure room. Speak into your phone for hands-free authentication. Governments, law enforcement, airports, and corporations use it. However, is biometric authentication that simple? Not really when you consider the policy issues, privacy concerns, and complexity of biometric data protection.

Four Questions to Ask Your Identity and Access Management Vendor

Strong identity and access management (IAM) is vital to securing your business against cyber attacks, thwarting social engineering attempts and stopping hackers from stealing credentials. You need a solution that provides robust authentication and authorization, balanced with ease of use, to secure your sensitive data and systems.

With so many IAM solutions on the market, how do you choose the right one for your business?

HID’s Risk Management Solution as Threat and Fraud Detection for Financial Institutions

Not surprisingly, as threat and fraud detection solutions become more sophisticated, malware and other threats continue to evolve. In the arms race between banks and criminals, the most advanced cybersecurity solutions are needed to reduce the risks of identity theft, compromised banking credentials and outright stealing from customer accounts. HID’s Risk Management Solution (RMS) offers the security, flexibility and peace-of-mind financial institutions and their customers need.

Creating Trusted Identities Starts with Trusting Your IAM Vendor

Finding the right identity and access management (IAM) solution can be a challenge. With dozens of vendors and products in the marketplace, how do you pick the right one? The following is a guide to help you identify the unique needs, challenges and various factors in your organization to consider when selecting the perfect IAM solution and vendor to meet your security goals.

New York Cybersecurity Regulation — How to Deal with the Impact of 23 NYCRR 500

If you’re a financial services organization doing business in New York State, then you need to be compliant with the New York Department of Financial Services (DFS) Cybersecurity Regulation, known as 23 NYCRR 500. All banks, financial institutions, and similar businesses must understand their responsibilities under 23 NYCRR 500, particularly for strong authentication and securing data.

Multi-Factor Authentication and Single Sign-On Explained

The simple combination of a user ID and password is no longer good enough to protect our most vulnerable information. Identity theft, data breaches, malware, and malicious actors mean that digital security must evolve to stay one step ahead of security threats.

Strong, reliable security in a modern government, non-profit, SMB, or enterprise environment isn’t just important today; it's mandatory.

The best security must take into account the needs of the organization and the employee, balancing protection, encryption, and ease-of-use.

Business Email Compromise Attack – The Art of Impersonation

Business Email Compromise (BEC) is a type of phishing attack in which an attacker impersonates a high-level executive and attempts to trick an employee or customer into transferring money or sensitive data. According to the Federal Bureau of Investigation (FBI), as of 2018 this scheme has already caused $12.5 Billion in losses to companies. The FBI warned that there was a 60% increase in 2018 in fake email schemes that aim at stealing money or tax data. These figures support the fact that BEC attacks are technically simple but extremely effective in nature.