Enterprise IT Security in the News: What You Need to Know

Enterprise IT Security in the News: What You Need to Know

You’ve worked hard on your identity management program. Now, it’s time to raise your head above water and see how you measure up to other organizations. Use this news roundup as a guide to inform and refresh your identity management strategy.

1. Identity Management Solves a Major Blockchain Problem

For years, there’s been one problem holding back blockchain technology. Just think about how cryptocurrency is portrayed in the TV show “Billions,” for example. It’s shown as a sneaky way to transfer large values of money without a trace. That lack of traceability is a problem for the enterprise. In 2019, identity management is adding value to blockchain technologies.

Here’s one example of this larger trend: Oracle’s Blockchain Platform Adds New Capabilities for DevOps and Identity Management.

2. The High Cost of Ineffective Identity Management

Persuading CIOs and other IT leaders to invest in identity management is tough. You have to compete against the demands of application development, IT training, and third parties. That’s why you need to know about new research showing the cost of weak identity management.

According to a survey of more than 500 IT professionals, weak identity management can cause an organization over $60 million in expenses and lost productivity every two years. If you’re in a reputation-sensitive industry such as financial services, the cost can be much higher.

Now, compare that cost to the investment required to implement Identity Anywhere. For less than $10 per user in monthly fees, you can improve identity management issues permanently. Yes, you’ll need to have a few employees provide oversight and support for identity management. However, that’s much cheaper than losing tens of millions due to weak identity management.

3. Multi-Factor Authentication by Smartphone Projected to Rise

The humble password is critical to keeping your organization secure. You can’t ask too much of passwords, especially when employees tend to reuse them. Instead of forcing staff to memorize 20-character passwords, more and more organizations are embracing multi-factor authentication (MFA).

Gartner, the IT research organization, projects that 70% of organizations will adopt smartphones for MFA by 2022. In 2018, only 5 percent of organizations leveraged smartphone apps as part of their MFA approach. That means you still have the opportunity to act as an early adopter.

Resource: Need to see examples of other leading companies using MFA to protect their systems? We’ve already researched the issue for you. Check out our article to learn more: Which Companies Use Multi-Factor Authentication with Their Customers?.

4. Password Reuse Contributes to HSBC Hacking Incident

Banks and other financial companies are subject to constant security attacks. When you consider the rewards available, this comes as no surprise. Banks know about this pattern as well, and they invest in security accordingly. That’s why any news story about bank hacking events needs to be studied, as it represents a successful attack against a highly motivated defender.

In 2018, approximately 14,000 HSBC customers were compromised through a credential stuffing attack. Unfortunately, customers reusing the same passwords across multiple services was a key contributor to this incident. To minimize the chances of this situation hitting your company, be sure to train employees to avoid password reuse disease. Find out how in our post: “Treating Password Reuse Disease in Three Steps.”

5. Biometric Authentication Is Coming to Credit Cards

Ten years ago, biometric authentication was limited to the military and the most paranoid corporate environments. That’s starting to change because of increased consumer adoption. Millions of customers have used biometrics on Apple devices since the most significant security flaws were fixed a few years ago.

Recently, biometric authentication took a major leap forward due to Mastercard’s announcement that it’ll use biometrics on its credit card products. As this practice becomes widespread, IT leaders will find it much easier to make a case for biometric authentication in the office. In fact, neglecting to support biometrics may cause your company to fall behind the competition.

6. GDPR Demands Better Customer Authentication

General Data Protection Regulation changed the game of security and privacy protection in 2018. Already, the regulation has had implications far beyond Europe, as American companies struggled to meet the new expectations. At first glance, it might not be obvious how this regulation impacts identity management. The connection is simple: if a customer contacts your company to invoke GDPR rights (e.g., the right to have personal data deleted), then you need a robust way to authenticate that person to prevent mistakes.

How to Keep up with Changing IT Security Without Going on a Hiring Spree
Keeping up with the changing IT threat landscape is tough. You probably can’t get approval to hire 10 more IT security analysts to cover off every risk. Instead, you should build a business case to implement an IT security automation solution such as Identity Anywhere.

Written by Nelson Cicchitto