Category: Access Control

Highlights taken from Modernising Digital-ID Systems: What Open Standards and Open-Source Software Really Mean, for the Tony Blair Institute for Global Change.  

As organisations and Governments look to build inclusive Digital ID ecosystems, how do they overcome the key challenge of choosing which technology solution(s) to adopt?  

We recently collaborated on an article with the Tony Blair Institute for Global Change, which looks at this exact question and how Open Standards and Open-Source Software technologies have emerged as the approaches that will give governments the flexibility and freedom they need.  

ICYMI, the topics and themes discussed in the piece are summarised below.   

The need for Open Standards and Open-Source Software  

When a new industry is formed, it is common to see the creation of proprietary and non-interoperable systems; this is no different in the identity market. However, today, the market is maturing and moving towards interoperable and vendor lock-in free solutions – spelling good news for the future of digital identity in government services. Open standards and open-source software are the two main approaches that have emerged to offer governments the flexibility and freedom they need. 

Why Open Standards Matter 

Open standards are the vehicle to enable interoperability. When multiple products can work together seamlessly, the result is a level playing field market, which leads to more innovation, lower costs, and better products and services for consumers. 

The developments in Open Standards 

The open standards that are accelerating developments in the digital-ID space include: OpenID for Verifiable Credential Issuance, OpenID for Verifiable Presentations, W3C Verifiable Credentials Data Model, Decentralized Identifiers, FIDO2 and OSIA. 

Why Open-Source Solutions Matter 

As put by the team behind the Canadian Digital Service, “Open-Source saves time and money, by making software easier to reuse and adapt.”  

The developments in Open Source Solutions 

Open-source approaches to digital ID include: OpenCRVS, Modular Open Source Identification Platform, X-Road, and OpenWallet Foundation 

What Does this Mean for Governments Looking to Build Digital-ID Ecosystems? 

Both Open Standards and Open Source Software approaches have the capability and potential to add value to governments to build and upgrade their digital ID ecosystems.  

However, caution is needed on two fronts: 

  • Open Source Software solutions need to be interoperable and therefore based on Open Standards, such as OSIA. This is key for governments to ensure true open Digital-ID ecosystems.  
  • Although initially dependent on system integrators, governments should consider putting in place local training to mitigate the capacity risks of Open Source Software solutions.  

By considering these two recommendations, governments are more likely to futureproof their digital-ID systems in the most efficient manner. 

To read the full piece, co-authored by Debora Comparin, Standardisation Expert, Thales and Chair of OSIA Initiative, SIA and Yiannis Theodorou, Head of Digital ID at the Tony Blair Institute for Digital Change – please click here.  

 

For further reading, please check out the following:  

The post Open Standards & Open-Source Software: What do these solutions mean, and why are they relevant for Digital ID systems? appeared first on Cybersecurity Insiders.

This is equivalent to 20,000 tons of polymers – the weight of almost 2 Eiffel towers or 40 Airbus A380s at take-off.

Inevitably most of these SIM cards will end up as waste. However, there is another way. In this blog we’ll be looking at the efforts being made to make SIM cards greener.

Commitment to going green

At Thales we have an unrivalled, ecological SIM portfolio that is aimed at mobile operators looking for sustainable strategies to reduce the environmental impact of their SIM activity, while improving brand awareness in front of their end customers.

We have a long history in this area, so to recap some of our key milestones:

2009 – We measured our first global footprint in 2009, and as a result started engaging in different action plans to address our most important emissions sources.

2014 – In order to cut down on wastage we introduced the Half SIM Trio as early as 2014, but our best development was yet to come…

2020 – In 2020 we partnered with Veolia, the global leader in optimized resource management, to co-develop the world’s first EcoSIM. This venture resulted in the first eco-designed SIM card made from 100% post-consumer recycled plastic…. From discarded fridges to be exact.

Turning old fridges into new SIM cards  

After three years of joint development, Thales and Veolia mastered the process of turning polystyrene waste from these discarded fridges into pellets that are then used to manufacture the SIM card body.

This eco-designed product is part of an innovative offer (which includes the eco-friendly Eco Touch SIM packaging) for telecom operators looking for real sustainable strategies to reduce the impact of their SIM card activity.

So just how exactly does a fridge get turned into a SIM card? Watch here to find out:

Completing the offer with ecofriendly packaging

With more than 300 million packs delivered each year and more than 30 years of experience in the telecommunications sector as the world’s number one provider of SIM packaging, we’ve designed an ecofriendly packaging offer with:

  • Vegetal & water-based inks for safer products
  • Small and smart layouts to reduce paper consumption
  • Recycled papers to decrease waste and PEFC or FSC Certified papers to protect forests

EcoSIM, the world’s first certified carbon neutral SIM card

On top of the recycled card body itself, Thales commits to offsetting the carbon footprint of the other components of the SIM (such as the chip) in order to achieve a controlled environmental impact.

Our eco-designed SIM card is a CarbonNeutral® certified product in accordance with The CarbonNeutral Protocol – the global standard for carbon-neutral programs. The carbon footprint of each SIM has been calculated and offset through a program that supports impactful emission reduction projects – such as energy savings and renewable energy development in developing countries.

For this launch received a “Best Practice on Circular Economy” award from telecom operator sustainability association JAC, in recognition of our consistent approach regarding environmental impact reduction in products. This award was given in recognition of everything through from the recycled card body, half card, energy efficiency of sites, renewable electricity sourcing, carbon offset offer, and life cycle assessment tool for the eco-design of the SIM products.

Increasingly, it’s important for companies to take a “Life Cycle” approach to product design.

What is “Life Cycle” thinking?

Life cycle thinking is a holistic approach to tackling the environmental impact of products beyond manufacturing. This style of thinking considers the processes involved in the use of a product from the point of its creation to the end of its useful life.

Here at Thales, we use this approach for the development of our eco-designed products where raw materials extraction, material processing, transportation, distribution, consumption, reuse/recycling, and disposal are examined to reduce at its minimum the carbon footprint impact. Thanks to our factories scattered around the world, we’re able to produce SIM cards as close as possible to our customers by producing the minimum carbon emission.

Want to hear more about our eco initiatives?

The post Turning fridges into SIM cards: An ecological SIM portfolio appeared first on Cybersecurity Insiders.

Amsterdam, the capital city of Netherlands, is renowned for its artistic heritage and vibrant culture. An amazing blend of old-world charm and contemporary culture, the city offers a plethora of activities for tourists. From history, to art, or dabbling in unique experiences, Amsterdam has something for everyone.

Every summer, the city plays host to Money 20/20, the largest global fintech event enabling payments and financial services for connected commerce. We’ll be there this year to talk about our key solutions that are designed to help financial institutions, fintechs, neo-banks, retailers, and cryptocurrency exchange platforms in their digital transformation.

If you’re heading to Amsterdam this year for the event, then don’t miss out on the opportunity to explore what the city has offer outside the RAI Amsterdam.

We’ve complied our top five must-see attractions:

1. Van Gogh Museum

Art lovers should make their way to the Van Gogh Museum, home to the world’s largest collection of works by the iconic Dutch painter, Vincent Van Gogh. The museum presents an impressive range of his paintings, drawings, and letters, allowing visitors to walk into the artists life and his profound influence on the art world. From the vibrant Sunflowers to the introspective self-portrait, each masterpiece showcases a glimpse into Van Gogh’s unique artistic vision. 

2. Anne Frank Museum

A museum dedicated to Jewish wartime diarist Anne Frank. The building is located on the Prinsengracht canal, close to the Westerkerk, in central Amsterdam. As a visitor, you experience this story through an audio tour, quotes, photos, videos, and original items. The Anne Frank House can only be visited with an online ticket for a specific date and time.

3. Vondelpark

Take the opportunity to escape the city and find a calming presence in the peaceful oasis of Vondelpark. This sprawling urban park is a favourite among locals and tourists, offering a serene settling for relaxation and recreation. Take a leisurely walk or rent a bicycle to explore the park’s lush greenery, beautiful ponds, and charming bridges. During the summer months, the open-air theatre hosts various cultural performances, making it a lively hub of entertainment.

4. Albert Cyup Market

Immerse yourself in the lively atmosphere if the Albert Cuyp Market, Amsterdam’s largest street market. Located in the vibrant De Pjip neighbourhood, this bustling market has been a local favourite for over a century. Wander through the colourful stalls offering a diverse array of products, including fresh produce, flowers, clothing, and delicious street food. Indulge in traditional Dutch treats or sample international flavours from the multicultural food stands. The Albert Cuyp Market is a vibrant melting pot of cultures and a fantastic place to soak up the energetic spirit of Amsterdam.

5. Canal Tour

No visit to Amsterdam is complete without a leisurely cruise along its enchanting canals. Embark on a canal tour and witness the city’s stunning architecture, picturesque bridges, and charming houseboats from a unique perspective. Drift along the historic waterways, passing by iconic landmarks such as the Westerkerk and the Skinny Bridge, while learning about Amsterdam’s fascinating history. Whether you chose a guided tour or opt for a self-guided boat rental, the canal tour offers an unforgettable experience and showcases the best of the capital.

Visiting Money 20/20 this year – pay us a visit in Hall 1, Stand D90 – or click here to book a meeting with us.

The post Top five things to do in Amsterdam appeared first on Cybersecurity Insiders.

Banking upstarts, or ‘Challenger Banks’ have enjoyed remarkable growth over the past 10 years. In fact, research shows that since 2014 Europe-based challengers Atom Bank, Tandem, Monzo, Starling Bank, Revolut and N26 have collectively attracted over $6B in funding and amassed more than 37 million customers.

The impact of these digital-first banks has been so significant that many of these early movers are no longer thought of as ‘challengers’. Instead, they have become known for setting the pace of innovation in the financial services sector. In this blog, we’ll look at the reasons upstarts are so popular and the lessons traditional banks can learn from them.

What banking upstarts have got right

Newer and smaller banks are faster and lighter than the traditional players, which means they can launch innovative digital and mobile-first services more quickly and more cost-effectively.

From Netflix to Deliveroo, we’ve all become accustomed to easy-to-use, personalised services – and we expect the same customer-centric services from our banks. Newer financial service providers have been able to deliver on this by launching products that meet modern consumer demands. For example, Monzo has made it easier for consumers to budget by setting aside ‘pots’ of money, while Revolut has delivered new services for travellers and those making international payments.

In a relatively small space of time, we’ve gone from visiting physical banking branches, to managing all our money from an intuitive mobile app. Digital-first banks saw an opportunity to transform the way customers engage with financial services, and they continue to innovate to meet our every need – from tracking our spending, to sending money without bank details, to accessing loans, to investing in the stock market.

How traditional banks can keep up

Traditional banks have more barriers in place to start innovating and launching new products. Legacy systems, complex organisational structures, and regulatory requirements can add complexity when it comes to introducing innovation.

But they have one major advantage: consumer trust. According to YouGov research carried out in 2020, less than a fifth (17%) of Brits believed that challenger banks are as reliable and trustworthy as traditional institutions. And in general, consumers said they’d prefer to use these traditional institutions over neobanks (47% versus 11%).

It appears that consumers do not have a strong preference for challenger banks and their popularity has been driven by the simple fact they have been offering the most relevant, useful services. If traditional banks can successfully digitally transform and accelerate innovation, consumers will be there to support them.

The final word

Whether banks are new or well-established, they need to keep up with the changing needs of consumers. This could be anything from offering customised card artwork through to promoting more inclusive products such as voice payment cards.

The newer ‘challengers’ may have been the big disruptors in the financial services landscape over the past 10 years – but banking players of all sizes remain in the race to attract consumers and convert them into long-term, loyal customers. Those who embrace change will be the ones to stay relevant and grow in the years ahead.

The post Banking upstarts: from challengers to pace-setters appeared first on Cybersecurity Insiders.

by John Spiegel, Director of Strategy, Axis Security

Gartner just released the 2023 version of their “Magic Quadrant” for Secure Service Edge or SSE. Cheers are being heard from the companies who scored upper righthand and jeers being shouted for those companies who did not enjoy where they landed on Gartner’s matrix. Over the next few months, there will be a lot of noise coming from all the vendors. Some are useful, and some just distracting. Overall, SSE now has a place in the industry. This is good. As you read the news, cyber-attacks are still on the rise and now we’ve drifted into national security concerns with the leaks about the war in Ukraine by a junior-level, 21-year-old Massachutures National Guard airman. SSE provides a framework to finally bring together networking and security in a modern manner to secure our future in a truly least privileged way.

While the Gartner MQ provides a plethora of helpful information to the network and security leader, one area I found needing improvement was how these solutions are architected. As Winston Churchhill famously said, “We shape our buildings: thereafter they shape us.” Or said another way, “architecture matters”. More importantly, you need to understand how a particular solution deploys its network “points of presence” or PoP. To paraphrase a well-known movie from 2002, “SSE, it’s all about the PoPs.”

The fundamental concept of both SSE and its bigger brother Secure Access Service Edge (SASE) is to place network and security functions close to the employee and endpoint device. This is critical in overcoming the dilemma of selecting either network performance or security scanning. The PoPs are where the action happens. Through centralized policy, security treatments like malware scanning, web filtering, and data leakage protection, occur close to the employee, 3rd party, or device. These PoPs can be placed in the SSE providers owned regional data centers, and telecom hotels, as well as in several of the “Cloud Giants” (AWS, Azure, Google Cloud). The closer you place the PoPs to the employee and their device, the better the performance and security of a given application. How these PoPs are created, deployed, and managed also needs to be understood as they impact a given solution’s resiliency.

Before we dive into this critical topic, let’s take a step back and level set. Why should you care, and why are all PoPs not created equal? In the past, the WAN network, which both SASE and SSE are replacements for, was constructed on a private network owned by a large telecom vendor who would provide service level agreements. Performance was consistent and when there was an outage, the service vendor was on the hook for resolution. That was when applications lived in the private data center. Cloud changed the game in the 2010s and led the enterprise to move to an “internet as the WAN” for connectivity. Why? Gartner provides several statistics to help us understand the reason:

· Gartner surveys in 2020 showed 80% of enterprises using IaaS are multi-cloud
· In 2024, 60% of IT spending on application software will be directed at Cloud technologies.
· By 2026, SaaS workloads will dominate the enterprise software market.

As the internet is now the onramp for Cloud and SaaS-based applications/services, SSE and SASE will be the means to access them. Therefore, it brings up the question of resiliency and how you should build out your SSE/SASE platform as downtime is, in this day and age, not acceptable.

In another recent research paper, Gartner analysts Evan Zeng and Jonathan Forest called this out. The paper was titled “Leverage Cloud Connect Infrastructure to Improve Connectivity Experience for Cloud Workloads for SASE Solutions”. If you have access to a Gartner license, give it a read. If not, the cliff notes are – as applications become Cloud dominant, Secure Access Security Edge (SASE) product leaders must consider how to architect their WANs. Meaning, it is enough to purchase the service from either a vendor or a telecom and call it good? Application performance and security must be accounted for. As an example, if my company leverages Azure for PaaS services, is it good enough that my SSE/SASE vendor only runs on Google Cloud? Is it OK if my SASE vendor built out their PoPs in their own data centers? If so, I need to account for this and the result may be that I need to add my own interconnects into Azure or similar services. This costs money, adds complexity, and also increases the “keep the lights on” (KTLO) burden. It also, most importantly, causes the network/security engineer back into the performance vs security dilemma. Not ideal.

To address this, a few vendors in the space have taken a different path. One which puts the network/security engineer back in the driver’s seat. Instead of a “take or leave it approach” to the PoP that harkens back to the big telco days for WAN services, the engineer can select the best placement of a PoP to realize the value of SSE/SASE, and application performance with security. As an example, consider this option. Start with the Cloud Giants as a massive network underlay. Use all of them. AWS, Google Cloud, Azure, and Oracle Cloud. The result is this. You don’t need to transit from Google Cloud to access services in Azure. The SSE/SASE platform does the work for you. It also provides resiliency. If AWS suffers an unfortunate outage, PoP services can be handled by Azure, Google Cloud, or Oracle Cloud. Additionally, vendors are also offering a local edge option that can be installed in an on-prem data center. This is a smaller scale version of the standard PoP running in the traditional data center providing the full suite of services, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP) and Zero Trust Network Access(ZTNA). Then take it a step further. What if you are in an area where there is no option for a local edge and the closest Cloud Giant data center is 800 miles away? Are you in what is called a “PoP desert” and you have a latency-sensitive application? Can the SSE/SASE provider spin up a PoP as a colocation facility to extend their services closer to you?

Choice in how you construct, create resiliency, and provide performance with security must be at the core of how you evaluate the various SSE/SASE solutions on the market. While the Gartner MQ is a good first pass, it is critical to dive into the architecture of each of the solutions listed in the MQ and not included. Ask the critical questions. Ask about the location of a vendor’s PoPs. How quickly can they build a PoP? How can they increase capacity rapidly to meet your demands? How resilient is their network of PoPs. Are all services provided in each PoP. If their answer is one size fits all, think really hard before continuing the conversation. If their answer is fully redundant, ask how. Dive deep. Much like you would architect your data center network and power systems or your WAN, these answers matter. Ask them. You are the enterprise engineer on the front lines. Don’t be pigeonholed into a solution that is flawed or results in compromises and puts you right back into complexity with limited resiliency. Downtime and its cousin, the slow, insecure application is no longer acceptable.

The post Architecture Matters When it Comes to SSE appeared first on Cybersecurity Insiders.

By Jaye Tillson, Director of Strategy, Axis Security

The iconic 1986 film “Top Gun” is one of my favorite films. In the movie, a group of elite fighter pilots train to become the best of the best. The film depicts a world of intense competition and high stakes, where the pilots must constantly prove themselves in order to earn their place among the elite.

In many ways, this world is similar to our world of cybersecurity, where companies must constantly defend themselves against an array of threats to protect their assets and reputation from a range of attackers. One strategy that companies are increasingly turning to improve their cybersecurity posture is the concept of zero trust. In fact, close to 80% of organizations have a zero-trust strategy today. This adoption is driven by the fact that every user, device, and application is now connected over an external network, the Internet.

This creates significant challenges for businesses that must inspect all traffic before it is given access to critical business resources. This is no simple undertaking. It means that every individual must be validated based on identity and policy. This is where zero trust comes in.

Now that we know what’s driving zero trust adoption let’s shift to how zero trust can help the CISO and CIO of a company be more secure, which I will do by drawing on the lessons and characters of “Top Gun”!

At its core, zero trust is a security model that assumes all networks, devices, and users are potentially hostile. In a zero-trust environment, access to resources is granted on a “need-to-know” basis, and authentication and authorization are required for every interaction. This approach contrasts with the traditional network security model, which assumes that traffic inside the network is trustworthy and focuses on securing the perimeter. Zero trust is becoming increasingly popular as companies face an ever-evolving landscape of threats. Top examples include advanced persistent threats, insider threats, and supply chain attacks.

The character of Maverick in “Top Gun” embodies many of the qualities that are needed to succeed in a zero-trust environment. Maverick is a highly skilled pilot, and for those familiar with his character, he also has a rebellious streak that often puts him at odds with his superiors. These characteristics are vital in a zero-trust environment where security teams need to be both highly skilled and willing to challenge the assumptions of the past. They must also be willing to question whether traditional security measures are sufficient and, when necessary, adopt new approaches to stay ahead of the threat landscape.

Another important character in “Top Gun” is Goose, Maverick’s wingman, and friend. Goose is not only loyal and dependable, but he also plays a crucial role in helping Maverick overcome his self-doubt and become a better pilot. In a zero-trust environment, it is crucial to have a team of individuals who can work together and trust each other. Collaboration and communication are essential, as security teams must be able to identify and respond to threats quickly. ‘You don’t have time to think up there.’

Beyond the film’s main characters are some key themes that also relate to the world of zero trust. One example is the importance of constant training and improvement. The pilots in the film are regularly pushed to their limits in an effort to become better, and they are always looking for ways to improve their skills. In a zero-trust environment, this same mindset is critical. Security teams can never stand pat—quite the opposite. The cybersecurity world is in perpetual motion, and teams must constantly learn and adapt. This includes staying current with the latest threats and best practices to remain one or more steps ahead of the game.

When I first saw the original Top Gun, I never could have imagined that this action movie classic would provide some critical lessons for my future career. But that’s exactly what it has done. It has provided a valuable lens through which to view the concept of zero trust. The characters in the film embody many of the qualities needed to succeed in this new environment, including skill, adaptability, collaboration, and a willingness to challenge assumptions. By embracing the principles of zero trust, companies can better defend themselves against the wide array of threats they face, which will ultimately improve their security posture and protect their assets and reputation.

The post Top Gun and Zero Trust: Lessons in Cybersecurity for the CISO and CIO appeared first on Cybersecurity Insiders.

By Gal Helemski, co-founder and CTO, PlainID

The number of access rules that must be managed across directories, applications, repositories, and other platforms by today’s digitally oriented enterprises is growing at an unprecedented pace. One of the major security headaches this creates is that controlling and auditing authorisations and entitlement is becoming more complex and challenging.

Also playing a bigger role is the widespread adoption of remote and hybrid working arrangements, and taken collectively, many organisations are now at greater risk of data breaches – unless they can consolidate and standardise access controls more effectively.

These challenges serve to highlight the value and growth in the adoption of identity and access management (IAM) technologies, which are used for regulating who has access to what information and how it is used. In particular, security teams are looking at how IAM can manage access across expanding and complex enterprise security perimeters.

While IAM has emerged from requirements focused on issues such as identity lifecycle, governance, proofing and access, today’s digital user journeys have prompted an important shift in emphasis. For instance, given significantly expanding security risk vectors and the need for more effective privacy controls and governance, the current generation of IAM solutions deliver more advanced levels of access control, with authorisation reemerging as a crucial component of IAM.

More specifically, real-time “dynamic authorisation” is becoming central to the zero-trust security strategies that aim to protect today’s dynamic technology environments. This represents an expansion of existing IAM components, which are now employed to build more robust systems that reduce the danger of compromised credentials providing unauthorised access to digital assets.

While this objective is growing in importance, one of the challenges of delivering on it is the disparate nature of access and authorisation policies used within the typical modern organisation. In many cases, for example, thousands of policies may be in use without sufficient levels of standardisation, centralised management or visibility. The result of these shortcomings can range from operational inefficiency to significantly increased risk.

Prevention is better than cure

Responding to these increasingly pressing issues, enterprise security teams are focusing on how they can standardise and consolidate access to deliver a preventative approach to today’s diverse risks. In effect, identity has become the common denominator for enforcing authentication and access control (via dynamic authorisation).

Looking ahead, the broader adoption of dynamic authorisation is likely to be driven by a range of factors, such as those organisations moving from an in-house policy engine to a proven industry solution, particularly as applications are built or refreshed. In the case of those organisations focused on the implementation of zero-trust architectures, for example, manually processing the growing number of entitlements is – for many – no longer sustainable. Instead, security teams need the capabilities that only automated solutions can provide if they are to minimise the impact of human error and more effectively control their exposure to risk.

Indeed, dynamic authorisation is increasingly viewed as a prerequisite for delivering effective zero-trust architectures. As part of this approach, implementing a fine-grained authorisation policy can put organisations in a much stronger position to meet their data privacy compliance obligations across specific data sets.

This kind of dynamic decision-making is central to the ability of security teams to make real-time changes in how and when users are granted access to data and resources across enterprise networks. Without an effective approach to policy management that allows users to be verified through an authentication solution, data is much more difficult to protect. When the network is controlled within a resilient architecture, however, access points to critical data are protected by more resilient and agile security measures.

In today’s dynamic business environment, companies are facing a range of crucial challenges related to access control, security, and cybercrime. In order to remain secure and agile, it is essential for organisations to adopt a standardised, consolidated approach to access and authorisation. This can not only help to provide robust security that supports the goals and priorities of the business, but by taking this approach, companies can achieve a win-win situation where effective security and bottom-line success go hand in hand.

The post Why Access Control Should Be a Core Focus for Enterprise Cybersecurity appeared first on Cybersecurity Insiders.

The pandemic shook businesses to its core, forcing users to trade in their office chairs for home desks. The result? Users, devices, and data scattered across the world. And for those in the networking and security fields, this shift brought major challenges. The traditional castle and moat access approach was no longer enough, and even the most reliable security tools became obsolete.

Businesses are at a crossroads, trying to decide whether to stick with a familiar approach or embrace this new form of work. This presents a golden opportunity for businesses to improve and innovate. With this in mind, Axis collaborated with Cybersecurity Insiders to release the industry’s first 2023 Security Service Edge (SSE) Adoption Report. Here’s what you need to know from the report.

The new normal: A mobile workforce
As the pandemic recedes into the rearview mirror, the familiar bustle of office life is not quite as bustling as before. Companies have come to understand that a contented workforce is a productive one, and thus, many have allowed employees the freedom to work from home or opt for flexible work arrangements. A staggering 78% of companies have embraced the hybrid work model, while an additional 10% are fully committed to remote work.

This move towards a hybrid workforce ushers in our first report highlight: conventional access methods don’t cut it in this new world of work. With a plethora of tools created specifically for securing the hybrid workforce, businesses are re-evaluating their bulky hardware, software, and data center-centric solutions for modern ones that provide more ease and simplicity.

Streamlining security through consolidation
The numbers don’t lie – 63% of businesses are juggling three or more security solutions, with 22% dealing with a dizzying six or more. The task of managing this maze of solutions is not for the faint of heart – it’s complex, costly, and time-consuming. Teams must navigate multiple user interfaces, pay for new hardware with each renewal cycle, and spend countless hours learning and troubleshooting.

This leads us to our next report highlight – security and networking leaders will look for solutions that allow them to simplify and slim down their security landscape. They want to streamline their setup, save money, and find a single solution that can replace, not just augment, their existing security infrastructure. Enter Security Service Edge (SSE) platforms – the consolidating solution that businesses are turning to in droves.

As organizations explore the benefits of SSE, they’re eyeing the platform to perform some serious heavy lifting. 63% are looking to say goodbye to enterprise VPN, 50% are seeking to retire SSL inspection, and 44% want to eradicate DDoS, among other inbound and outbound security stack solutions. With SSE, the goal is to keep security simple, cost-effective, and streamlined.

SSE is actually driving strategy
The rise of Security Service Edge (SSE) has been nothing short of spectacular, captivating the attention of the cybersecurity world with its prowess and potential. In just two short years, SSE has garnered recognition among 71% of cybersecurity professionals, solidifying its status as a game-changer in the field.

As businesses look to the future, it’s no surprise that 65% have their sights set on adopting SSE in the next 24 months, with a staggering 43% planning to fully implement it by the end of 2023. SSE has quickly become a strategic priority, with 67% of businesses planning to launch their SASE journey with it versus WAN Edge Services.

But what makes SSE truly special? According to the report, it’s seen as the crown jewel of a zero trust strategy, outranking SSO, MFA, endpoint security, and SIEM providers in its importance. With 47% of respondents eager to begin their SSE journey with Zero Trust Network Access (ZTNA) technologies, it’s clear that organizations are ready to embrace this cutting-edge solution.

Prioritizing the right SSE project

The IT world is buzzing with excitement over SSE, but where to begin? What should be their starting point? The report revealed that a whopping 48% of organizations have their sights set on securing remote and hybrid access for employees, marking the starting line of their SSE journey.

The urgency to secure the workforce’s connectivity while keeping pace with the evolving business needs is the fuel that propels the SSE engine. This is where the SSE revolution truly roars to life, charging ahead towards a secure, connected, and adaptable future.

Explore the future of secure access with SSE
The future of work has arrived and it’s in the form of a hybrid workforce! This is a golden opportunity for IT and security experts to bid farewell to the hassle of multiple, outdated tools and welcome a more secure and advanced access system with open arms. Don’t let this chance pass you by! If your team hasn’t delved into the business implications of an SSE platform, it’s high time you did. Deep-dive into these findings check out the 2023 SSE Adoption Report for an in-depth look at the future of secure access.

The post The Rise of Security Service Edge (SSE): A Game-changer for the Modern Workforce appeared first on Cybersecurity Insiders.

From March 2023, that is within 30 days, Netflix, the world-renowned streaming service provider, is all set to enforce a ban on password sharing. As it not only blocks its revenue stream but also creates multiple security issues that hackers can easily exploit, as each account has sensitive details such as email, phone number and payment details.

Therefore, from early next month, Netflix is all set to roll out a new feature that legally allows the current subscribers to share their account passwords with their loved ones. The feature is called “Paid Sharing” that is already in operation in a few of the South American countries. It is nothing but adding of new profiles under one account, so that the same password can be shared with others at an extra cost, sans the fact on whether they belong to the same household.

All these days, one person from a household used to subscribe for the service and share the password and account details with others, say friends or other family members.

And the servers of Netflix used to identify such password sharing instances as Red Flag and used to lock their account, if their IP address and device ID did not match with profile location details of their Netflix accounts, respectively.

Now, they can continue doing the same, provided they pay an extra amount. However, the person who will use the shared credentials should live in the same region, means state or province.

UK users and consumers from America will test this new official paid sharing feature in a few days’ time and let’s hope that it will put an end to the security issued that arises otherwise.

Technically speaking, Netflix is not stopping the password sharing feature, but it is instead monetizing it. So, that its cash registers ring, thus helping the streaming service provider recover its losses to a certain extent.

NOTE- Netflix already imposed a VPN Blocking program since January 2016, thus blocking its users from accessing content from countries where its content is unavailable or not allowed for viewing, like China.

 

The post Netflix password paid sharing amuses consumers to a certain extent appeared first on Cybersecurity Insiders.

In 2022, it took around 9 months to identify and contain a breach. To prevent a cybersecurity breach for your business, you need to think about your on-premise security systems.

How can you futureproof your cybersecurity with on-premise video and access control systems?

Keep reading to learn about on-premise video and access control systems and what the combination of these technologies can do for your cybersecurity strategy. Fortifying your physical security can help you to avoid a data breach that leads to significant losses and liability issues.

What Is An On-Premise Video And Access Control System?

Both access control and surveillance are essential elements in a security strategy. In an on-premise system, you’ll generally need to use DVR recorders for security cameras to store analog security information.

Access control prevents unauthorized users from entering the building. Surveillance helps deter unauthorized users from attempting to enter the building and provides a record of any incident. 

When paired together, however, both security technologies can serve additional functions, strengthening your security strategy and helping you receive more ROI on your security investments.

An on-premise video and access control system is ideal for businesses requiring a high level of security.

In a cloud-based system, you could integrate video surveillance and access control to make both data sets available on a single cloud-based platform – creating a single source of truth for real-time security data.

Using an on-premise system can help you to implement video and access log accessibility. Investing in a video intercom reader can make both data sets available on a single system.

A video intercom reader comes with built-in video surveillance, an access reader, and intercom features, allowing for remote operability.

In the remainder of this post, we will discuss the key benefits of an on-premise video and access control system. 

Why On-Premise Video And Access Control Systems Future Proof Your Cybersecurity

Here you’ll find the top reasons why on-premise video and access control systems can futureproof your strategy and strengthen your approach to cybersecurity.

Integrated Data For Identity Verification

One of the critical vulnerabilities in any access control system is the potential for an unauthorized person to steal access credentials and use them to enter your building.

An integrated video and access control system allows you to view access logs alongside video surveillance footage, allowing for identity verification. You must correlate timestamps from different platforms without integrating these two technologies to authenticate a user’s identity.

Integrating facial recognition software can help you to automate the identity verification process and verify each user before they enter the building.

Additionally, integrated on-premise access control and video surveillance allow you to remotely view this information from anywhere using a mobile application. 

So, suppose you have a visitor, and they press your intercom button. In that case, you will receive a mobile alert, and you will be able to view video feed information to ensure the visitor is authorized to enter. You can remotely grant them access to the building, allowing more convenient visitor management.

Allows For Cybersecurity Authentication

Since your valuable data is hosted in your building, providing identity verification at your entrance will strengthen your cybersecurity strategy. An on-premise access control and video surveillance system will allow you to ensure that only authorized employees and visitors can gain access to your building and, thus, your sensitive data and digital assets.

You might consider integrated video and access control as an added layer of cybersecurity, in addition to your passwords or biometrics for logging into company accounts. Providing this security hardware can add a layer of MFA to your cybersecurity strategy.

Automation And Streamlined Management

With on-premise video and access control systems, security professionals can manage access control, surveillance video, and cybersecurity on a unified platform. The open platform integrations allow security staff to create automation between systems, improving the convenience of daily operations and reducing time-consuming manual tasks.

An excellent example of the automation of on-premise video and access control systems is the potential to automate lockdowns based on failed password attempts. If you require high-level security, you need to create protocols for failed password attempts, allowing you to verify user identity and ensure that only authorized users are logging into your system.

When a user enters the wrong password too often or fails too many biometric login attempts, the system will automatically initiate lockdown procedures, ensuring that you can act quickly and resolve the threat if an unauthorized user is in the building. You can investigate the incident to verify the user and lift the lockdown if it is simply an instance of human error.

Additional automation between access control and video security includes lockdowns when a user attempts to enter the building with stolen or misappropriated credentials. If the system fails to verify the user’s identity using facial recognition, you will enforce lockdown procedures until security staff has resolved the threat.

Summary

Suppose you’re looking to futureproof your cybersecurity strategy by taking a blended approach to cyber and physical security. In that case, you should consider the benefits of an on-premise video and access control system. You will be able to integrate data for identity verification, automate cybersecurity, and streamline your response strategy for security threats.

The post Futureproofing Cybersecurity With On-Premise Video And Access Control Systems appeared first on Cybersecurity Insiders.