Identity Management Day
Statement by Arne Ohlsen, Senior Field Marketing Manager at SailPoint
Tomorrow, April 12, marks the second anniversary of Identity Management Day. But what is behind it?
Arne Ohlsen, Senior Field Marketing Manager at SailPoint
The Day of Identity Management was launched in 2021 by the association “Identity Defined Security Alliance ” and the National Cybersecurity Alliance in the USA. It is intended to educate about the dangers of careless or improper identity protection by raising awareness of the problem and calling on companies and consumers to protect their identities. But what does the term mean in this context? “Identity” has many meanings – it can be the way we see or define ourselves, or it can be a physical identifier such as a driver’s license or passport. In a world that is determined by our use of technology, it is essential how we are digitally identified. Our identities and the credentials that protect them determine how we work, interact with each other, access technologies, conduct transactions and much more.
For businesses, identity and access management (IAM) is “the discipline that enables the right people to access the right resources at the right time for the right reasons,” according to Gartner. Weak or improper identity management increases the risk here. The vast majority of data breaches that make headlines are the result of poor identity management.
For consumers, identity management is synonymous with the protection of personal digital identities when communicating, shopping and handling our daily lives on the Internet. For individuals, poor password management and careless online behavior can lead to compromised user accounts or identity theft. These incidents occur when weak passwords are used, two-factor authentication is not activated, or users carelessly click on malicious links. In the corporate context, data breaches and IT security incidents in which identities are misused can lead to massive financial damage and loss of reputation – they are often even business–critical. Reason enough for users and companies to check whether their identities are really secure in the digital space or whether there is a need to catch up.
This is where technologies that offer intelligent detection and remediation of high-risk accesses through the use of AI and ML analyses help. For example, these detect anomalous identities – ideally within a single dashboard. Here, companies can use the dashboard to search and filter for specific identities and take appropriate measures to eliminate all or certain types of “outlier identities”.
The fact that it is necessary to be aware of the importance of protecting identities is shown by a recent study by the email provider Web.de . The survey reveals that more than half of German Internet users are concerned about identity theft. 72 Percent of respondents fear that unauthorized persons could make purchases on their behalf. 63 Percent are afraid that contracts will be concluded in their name. Also, 37 percent worry that cybercriminals are using the stolen identity to open new accounts.
At the same time, in January of this year, the European Union Cybersecurity Agency (ENISA) issued a nearly 60-page paper on identity theft entitled “Remote Identity Proofing – Attacks &Countermeasures “. Due to the pandemic and the associated progress in digitization, it is more important than ever to offer secure electronic identification options for the European digital single market, said ENISA CEO Juhan Lepassaar at the time of publication. The paper deals with the methods of cybercriminals in the context of identity theft and shows countermeasures. ENISA notes that criminals have recently been making use of photo and video manipulations, the theft of video material or deepfake algorithms, which use artificial intelligence to create convincing video material.
One thing is certain: the compromise of identities in the digital space is omnipresent. But it is also important to emphasize that it is quite avoidable – whether it concerns individuals or a large corporation. For example, there are technologies that actively help to minimize the risk of identity theft.