The Digital Boom Fuels The Next Billion Digital Identities.

The average digitally-savvy individual has hundreds of online accounts, and a dozen (or more) distinct digital ‘identities’.The proliferation shows no sign of slowing down, but is also unsustainable.

Digital’s biggest advantage – choice – is also its greatest drawback.

There’s a near-endless pool of potential destinations: clouds, applications and services, for users to select from. Whether free or paid, each destination inevitably asks for a bit of information about the person (or device) wanting access to it. This often results in a set of credentials being created to identify the user when they interact with that destination in future. Information about their use of the service may be collected for personalization, monetization or other purposes.

People are inevitably amassing vast collections of credentials, often a new one for every digital service they interact with. What’s certain is that a person is no longer a single identity. We estimate that a typical person might have upwards of 15 identities distributed across social media accounts, applications, cloud services, mobile, and physical devices.

Even a cursory look at digital usage habits sees account numbers quickly add up.

Globally there are over 5 Billion Internet users who are estimated to have 4.65 billion social media accounts, and 16.1% have access to “streaming services” and 1.9 Billion individuals actively use online banking services.

Risks of Cloud Computing

While there are many benefits of cloud computing, as it offers businesses a convenient, scalable, and readily accessible service to its users; there are also risks associated with the cloud: 

Unauthorized Access: The most common cloud security issues include unauthorized access through improper access controls and the misuse of employee credentials. Over permissioned users, particularly administrators and lack of proper entitlement visibility, management and governance are contributing factors. Insecure APIs and unauthorized access are the number one perceived security vulnerability in the cloud.

Data Loss or Theft: When you store files and data in someone else’s server, you’re trusting the provider with your data. However, that doesn’t mean you have abandoned or fully transferred responsibility for your data in event of loss due to system error or theft by cybercriminals. Cybercriminals can hack into servers or malware can render data unreadable by both humans and software. In many cases, this data cannot be recovered so data loss prevention is an essential tool. 

Denial of Service Attacks or Distributed Denial of Service: A denial-of-service (DoS or DDoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. This can render systems inaccessible for users and severely disrupt business operations.

Cloud Identity Security

As users, we are largely responsible for generating the content and data that creates our online identities. As a result, it’s reported that 88% of cloud breaches are due to human error, what can businesses do to help individuals stay safe using
the cloud?

Establish an Identity Control Plane: Passwords can often be the only barrier between a cybercriminal and your sensitive information. There are several programs attackers can use to guess or “crack” passwords or even easier to phish credentials. We recommend users follow NIST guidance on updating passwords, which is generally now once per year or upon known compromise. However, to really help mitigate credential sprawl, organizations should establish a global authentication authority to define access policies and apply the concept of SSO’ing everything to its practical limits.  SSO (and even passwords) should be used with compensating controls such as MFA and risk signals.

Opt for Multi-Factor Authentication (MFA) Verifications: Leverage MFA for logging in wherever possible. If passwords become compromised, enabling this extra layer of security will decrease the likelihood that cybercriminals who have stolen passwords can log into accounts. Furthermore, adding a layer of intelligence via risk signals will help to decrease MFA fatigue.

Control Privileged Access: Secure and manage administrative consoles and entitlements as well as secrets such as embedded credentials, keys, tokens, certificates and API keys for human and machine identities.

File Encryption: Ensure that all important files are encrypted. To read an encrypted file, the user must have access to a secret code to enable decryption. This means no one other than an authorized user can see it—not even the software provider. This extra level of security will make it difficult for any potential attacker.

By Aubrey Turner at Ping Identity.

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...