Identity: the heart of all security problems
The joke is, on the internet, no-one knows you're a dog. In fact, weak identity remains one of IT's core security problems.
Inside the Enterprise: In technology, a whole host of problems boil down to identity and authentication issues.
Is the right person accessing the right records on a database? Is that laptop encrypted? Is sensitive email being viewed only by those who are entitled to see it? Is the person using mobile banking, who they claim to be?
A host of problems from data loss to spam have their roots in weak identity, and in particular, our continued reliance on passwords.
In a report looking at the cyber security threat landscape during 2013, the European Union's cyber security agency (ENISA), points out that if end users adopted simple security measures, it would halve the number of cyber attacks, even as hackers have increased the sophistication of their tools.
A need for strong, secure, end-to-end authentication was identified by ENISA as one issue that everyone involved in the internet economy needs to consider.
And the idea of establishing a single ecosystem for strong identity lies behind the formation of a new organisation, the Global Identity Foundation.
The new body builds on work started by organisations such as the Jericho Forum and the Cloud Security Alliance, but takes the idea further. The goal is ambitious: to create a secure identity model that can work just as well for people, devices and organisations, but yet isn't controlled by any one organisation, or relies on any single piece of technology or equipment, such as a token.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.