Posted on

Privacy and the 7 Laws of Identity

In 2005, the late Kim Cameron penned “The Laws of Identity.” The paper explored how to give internet users a deep sense of safety, privacy, and certainty about their interactions online. With the proliferation of web-based services and applications, it was essential to develop a formal understanding of the dynamics causing digital identity systems to succeed or fail. Nearly 20 years later, Cameron’s seven laws of identity are still applicable today. 

Published shortly after the dot-com bust and the introduction of social media, this paper came at a point of inflection for the Internet. Today, with the promise of Web3, a metaverse, and adjusting to a largely virtual working world, we’re living through a similar shift in history. For both points in time, digital identity is at the epicenter—and it’s worth remembering some tried and true lessons from the past.

Posted on

Identity Governance 101: Popular User Stories

What Is Identity Governance

In theory, identity governance refers to the policy-based centralized orchestration of user identity management and access control. In layman’s terms, this refers to managing different aspects of user accounts and how they access the resources offered. It’s believed that the concept of identity governance grew out of the Identity Governance Framework, a now-defunct project by the Liberty Group that aimed to standardize enterprise identity information usage.

That been said, there are some user stories that are identified and catered for in the WSO2 Identity Server, categorized under identity governance. I’m trying to talk about these stories one by one, hoping to have in-depth articles on each of them later.

Posted on

How to Integrate Identity Governance Into Your Business Strategy

A strong identity governance strategy enables enterprises to safeguard information, facilitate compliance, and streamline work processes. Despite the benefits, implementing these processes has been perceived as a complex, on-premises project that takes an army of consultants to deploy. While this can be true in some cases, 76% of enterprise organizations are looking to replace their existing identity governance and administration (IGA) system (Gartner). 

This number and other recent research proves we need to find ways to make identity governance more approachable in order for businesses to realize its true value. Fortunately, there are proactive steps companies can take to ensure identity governance is ingrained in their business strategy without the headaches. And it starts with four proactive approaches any business can take to achieve long-term, continual success.

Posted on

Risky Business: Preparedness Lessons Learned from the Florida Water Plant Hack

You’d be hard-pressed to find someone in the IT security space who will argue against the importance of risk preparedness. Unfortunately, more often than not, people will talk-the-talk without walking the proverbial walk. It sounds smart: be ready for potential attacks before they happen. But we have a long way to go to put this sentiment into practice. Accidents are unplanned, and we're never quite as prepared as we should be. The "that will never happen to us" attitude is rampant among the enterprise, especially when it comes to cybersecurity.

Risk preparedness is something organizations need to start taking seriously, as seen by the recent Florida water plant hack, among others. If they don't, the outcomes could be devastating. Imagine a stadium of sick Super Bowl attendees or worse. While the focus has been largely on protecting big businesses or federal entities with lots of valuable data, no one is truly safe from bad actors — not even local municipalities. In fact, these could be even more dangerous targets when you consider something as serious as compromising a community’s water supply or information theft. 

Posted on

6 Security Predictions for 2021—And Why They Matter

Understanding industry trends is important for any IT professional, but it’s especially critical for anyone working in security. Teams need to be able to stay a step ahead of a wide range of security threats. With the global COVID-19 pandemic altering the way enterprise organizations do business and their employees work, it’s been a particularly challenging year to achieve this, all while ensuring that the new tools employees need to stay connected and productive don’t put individuals, or the enterprise, at risk. 

Just as the nature of our work style and lives have changed, so too has the threat landscape and the security tools we use to combat it. We’re constantly learning about emerging and ongoing security trends that will impact businesses and customers globally, but with breaches du jour, it’s often hard to know which are the most important. That said, there are six factors that IT and business leaders should keep top of mind to kick off the new year right.