Recognition rather than Identity as the foundation for access management

This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.

Viewer Takeaways

  • Awareness of the drawbacks arising from a reliance on user identity alone to secure data assets;
  • Understanding of why recognition is more important than identity when determining access permissions;
  • Insight into common attack vectors that have resulted in high profile data breaches;
  • Examples of how the application of user recognition substantially reduces the risk of a major data breach.

The IT security industry has become obsessed by proof of identify in a bid to combat growing cyber security threats. However recent high profile data breaches at organisations, such as Target and JP Morgan, have demonstrated that even organizations with a strong identity based security model are vulnerable to insider attacks, when a trusted identity is hijacked.

This presentation introduces the concept of recognition, where identity becomes, only one dynamic attribute amongst many, used to determine user authenticity and grant access permissions, in order to minimize IT security exposure in line with risk based policies.

Download PDF

Topics