07.23.2018 - Manufacturers Need Industrial-Quality Access Control

Ideas about cybersecurity in the manufacturing sector have started to change, and it’s about time. Until recently, a common misperception among those in the industrial world was that that they had little to attract hackers—no credit card data, no health records, no bitcoin. But manufacturers do have data, and it’s immensely valuable — their trade secrets. Profit isn’t the only motivation for hackers many just want to cause chaos. There are plenty of reasons for hackers to attack manufacturing systems; the proof is that one out of three industrial control systems (ICS) computers were hacked last year (Kaspersky Lab, Sept 2017). That number seems daunting. Many industrial automation systems have only limited internet connectivity, if at all. But they are connected to their corporate networks, and that’s where the weakness lies. Only half of manufacturing businesses isolate their ICS networks from their corporate networks (www.ncms.org/CyberSecurityReport). The rest are the mercy of the same phishing, ransomware, and insider attacks as any financial or healthcare organization. One vulnerability that affects manufacturers in particular is poor security practices among their vendors. It just takes one weak partner to infect an entire supply chain. Hackers are efficient criminals; they conduct research using Lexis Nexis, LinkedIn, and even dumpster dive to learn what they need to know to launch the most effective attack possible against their target of choice. If they want to attack your business, they may learn who your vendors are, choose those they suspect to be the weakest¾which may be a mom-and-pop shop, or may be a larger business that has a reputation on the dark web as an easy takedown¾and breach the weak vendor in order to hop onto your network. Security professionals like to say, “Security is people.” The average worker at a bank or hospital is highly aware that their employer is a high-value target, so they are more cautious than those in other industries about clicking on links or opening attachments. The average worker in an industrial business may not be as guarded. Security awareness training is a step in the right direction, but not all workers will take it seriously. Even if every worker did keep security at top-of-mind, humans still make mistakes. It just takes one accidental click to open the door to malware. And once inside, it may make its way to whatever target its authors desire. That could be your trade secrets, or it could be the main controllers in your automation system. ...

05.22.2018 - Protecting Your Patient’s PHI Data

For healthcare, there’s never been a more urgent time to reassess your cybersecurity and identity and access management strategy. Until recently, protected health information (PHI) was the most valuable merchandise on the Dark Web. Complete healthcare records were going for $75 to $100 dollars at the height of demand according to Institute for Critical Infrastructure Technology (ICIT).  ...

03.6.2018 - The Barriers to Entry for Blockchain

In part one of our Identity Blockchain blog series, we discussed the fundamentals of blockchain and why establishing trust is a key factor making it work. But beyond the obvious Bitcoin application of the blockchain network, there are a number of blockchain experimental infrastructures already in trial (proof of concepts) by corporations and consortiums. If there’s a ‘market’ for those technologies, they will spin off from central governing bodies and spawn new peers. There are, of course, barriers to widescale blockchain adoption. ...

02.22.2018 - The Fundamentals of Blockchain

Bitcoin is now an ubiquitous term for a leger-based cyber cryptocurrency and is often mentioned in tandem with blockchain. What is blockchain? Are Bitcoin and blockchain the same thing? No, they are not. Bitcoin and blockchain are different in that blockchain is the decentralized ledger that keeps track of all of the Bitcoin transactions. Blockchain technology isn’t confined to just bitcoin though. It’s a digital platform that can be applied to other digital transactions—a smart-grid, of sorts. ...

02.20.2018 - Integrate Your Mobile Applications Into Your Company

When it comes to integrating your mobile applications into your company’s backend, you need a secure authentication and authorization process that’s not only efficient, but also reliable, easy-to-use and supportive of cloud-based access. Learn more about implementing a safe integration of your mobile applications below. ...

02.1.2018 - Boost Your Cyber Maturity Level with IAM

What is your company’s cybersecurity maturity level? If you haven’t considered cybersecurity capability maturity-model levels, your company’s identity and access management protocols may not be where they need to be. In general, the stronger your information security maturity model is — meaning the more mature your identity and access management setup is — the greater your defense against outside threats will be. Click here to calculate where your IAM maturity ranks on our scale! ...

Tags

  • The database in which all of your organization’s sensitive identity data is stored.
  • A digital ledger in which digital transactions are recorded chronologically and publicly.
  • Securely managing customer identity and profile data, and controlling customer access to applications and services.
  • The means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
  • A legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU.
  • The policy-based centralized orchestration of user identity management and access control.
  • An authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
  • A global provider of innovative and affordable identity access management solutions. 
  • Managing and auditing account and data access by privileged users.
  • Tools and technologies for controlling user access to critical information within an organization.
  • An authentication process that allows a user to access multiple applications with one set of login credentials.

Pin It on Pinterest

Get 6 Months Of The Optimal Cloud For Free!

X