Digital transformation has been adopted by most companies from around the world, resulting in a more connected and innovative business environment. Today, digital transformation essentially involves an organization’s adoption of IoT, cloud computing, machine learning, and AI. Continue reading Security or Functionality? Security Risks with Digital Transformation
Just last year, the popular Q&A site Quora suffered a data breach, as reported by Techworld in their article on UK’s most infamous data breaches. This just goes to show that even the best of businesses are finding it a challenge to secure their data and vital business information in this age of digital advancements.
IT security is, no doubt, an overwhelming, daunting, and expensive task. With cybercriminals getting more advanced and sophisticated, organizations are struggling to find security solutions that will effectively counter them. Continue reading How Technology Can Simplify IT Security
Data protection and data privacy are so closely linked that people (and sometimes even organizations) tend to think of them as synonyms. However, understanding the difference between the two is crucial to ensuring that both protection and privacy are maintained. Continue reading Data Protection & Data Privacy – A difference that matters
What is WebAuthn?
WebAuthn (Web Authentication API) is a global standard specification for secure authentication on the Web, formulated in 2018 by the World Wide Web Consortium (W3C).
This browser-based API allows user authentication on web applications through the creation of strong “credentials” and user-agent-mediated access to authenticators. This could be either in the form of hardware tokens (like U2F security keys) or in-built modules (biometric readers like Google Hello, Apple Touch ID) in the platform. Web Authn has garnered the support of all leading browsers like Chrome, Firefox, and Edge, and is compatible with all leading platforms. Continue reading The Key to Data Security: WebAuthn
As organizations increasingly place their data and applications across multiple locations on the cloud, zero trust security is rapidly gaining ground as the network security model of choice among enterprises.
Zero Trust Security is a security model in which a user, irrespective of whether he/she is within or outside the network perimeter, requires an additional verification to get access into a network. There is no particular technology or software product associated with this security model. It simply requires an additional security layer to verify users. This could be anything from biometric verification like thumb-print scanning, or a digital signature verification. Of the two, biometric verification is preferable as it can neither be recreated nor hacked.
Would you trust just anyone to enter your home? Or would you first confirm that you know them and they have the right to be there?
The Zero Trust Model (ZTM) of security follows a similar principle. The ZTM approach is to be aware of anything entering the company, whether from inside or outside the company’s perimeter.
ZTM simply verifies everything that requires access to the system. The approach does not necessarily decree that every request should be denied. Instead, it asks: Why is access needed? How far? How long?