Identity and access management products
-
News
20 Dec 2024
Top 10 data and ethics stories of 2024
Here are Computer Weekly’s top 10 data and ethics stories of 2024 Continue Reading
-
News
18 Dec 2024
Top 10 cyber security stories of 2024
Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are Computer Weekly's top 10 cyber security stories of 2024 Continue Reading
-
Definition
17 Oct 2023
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser. Continue Reading
-
Feature
11 Oct 2023
Preparing IT security for the age of quantum computing
We look at what progress is being made to ensure digital communications remain secure as quantum computers make an entrance Continue Reading
-
Definition
10 Oct 2023
password entropy
Password entropy is a measurement of a password's strength based on how difficult it would be to crack the password through guessing or a brute-force attack. Continue Reading
-
News
10 Oct 2023
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading
-
Definition
06 Oct 2023
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise. Continue Reading
-
News
05 Oct 2023
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales Continue Reading
-
News
04 Oct 2023
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm Continue Reading
-
E-Zine
03 Oct 2023
Where next for quantum computing?
In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading
-
News
28 Sep 2023
Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app
The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps Continue Reading
-
News
28 Sep 2023
Security and risk management spending to grow 14% next year
Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024 Continue Reading
-
Definition
26 Sep 2023
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks. Continue Reading
-
News
26 Sep 2023
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
-
E-Zine
26 Sep 2023
Preparing for post-quantum cryptography
In this week’s Computer Weekly, our latest buyer’s guide assesses the challenges for cryptography in the emerging era of quantum computing. Google Cloud experts explain how the internet giant is preparing its datacentres for a world of AI. And we examine the privacy, compliance and backup issues from generative AI. Read the issue now. Continue Reading
-
News
19 Sep 2023
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed Continue Reading
-
News
19 Sep 2023
38TB Microsoft data leak highlights risks of oversharing
An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing Continue Reading
-
Opinion
19 Sep 2023
Ending the online fraud epidemic
A different approach to managing personal data across the web is possible - and it could minimise online fraud, boost e-commerce, and help make the web more secure. So why isn't the government doing it? Continue Reading
-
Feature
18 Sep 2023
APAC guide to identity and access management
The rise of identity-based attacks is fuelling investments in identity and access management (IAM) tools. We examine the key capabilities of IAM, discuss implementation best practices, and explore the future of this technology Continue Reading
-
News
15 Sep 2023
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers Continue Reading
-
News
15 Sep 2023
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force Continue Reading
-
News
13 Sep 2023
Storm-0324 gathers over Microsoft Teams
An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks Continue Reading
-
News
13 Sep 2023
How DocuSign is extending its capabilities beyond e-signatures
DocuSign is harnessing large language models to help individuals make sense of agreements and employing AI-based biometrics to verify the identity of signers, as part of its broader efforts to expand its capabilities beyond electronic signatures Continue Reading
-
Podcast
12 Sep 2023
Podcast: ‘Data first’ a key principle of digital transformation
Chris Gorton of Syniti says organisations should put data first during digital transformation projects, and that means getting data quality, access rights and governance right Continue Reading
-
News
08 Sep 2023
Sensitive NatWest customer files set to be returned after High Court agreement
Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower Continue Reading
-
News
08 Sep 2023
HGS to provide contact centre support for One Login
The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform Continue Reading
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
News
06 Sep 2023
Meet the professional BEC op that targeted Microsoft 365 users for years
The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers Continue Reading
-
News
06 Sep 2023
Okta customers targeted in new wave of social engineering attacks
Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users Continue Reading
-
News
05 Sep 2023
Researchers find flaw in Mend.io security platform
WithSecure’s research team uncovered an authentication flaw in an application security platform developed by Mend.io, which has now been fixed Continue Reading
-
News
31 Aug 2023
Home Office and MoD seeking new facial-recognition tech
The UK’s Defence and Security Accelerator is running a ‘market exploration’ exercise on behalf of the Home Office to identify new facial-recognition capabilities for security and policing bodies in the UK Continue Reading
-
News
31 Aug 2023
Post Office to provide in-person identity checks for One Login
Partnership between the Government Digital Service and the Post Office will see postmasters and staff provide face-to-face identity checks for those unable to use the One Login app or website Continue Reading
-
Definition
30 Aug 2023
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are. Continue Reading
-
Tip
24 Aug 2023
How do digital signatures work?
Digital signatures add a level of security to online agreements, which can prevent bad actors from impersonating other individuals or tampering with sensitive contracts. Continue Reading
-
News
24 Aug 2023
Google bets on AI-backed cyber controls for Workspace users
Zero-trust and digital sovereignty controls are the focus of a series of enhancements being made for Google Workspace users Continue Reading
-
Definition
23 Aug 2023
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication. Continue Reading
-
News
18 Aug 2023
NatWest customer calls bank’s handling of breach of his data ‘disgusting’
A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years Continue Reading
-
News
16 Aug 2023
CyberArk eyes growth beyond PAM
CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management Continue Reading
-
Podcast
15 Aug 2023
Unconventional career: A Computer Weekly Downtime Upload podcast
Cyber security expert Junade Ali, talks about his non-academic route to a PhD. He was recently elected as a fellow of the IET Continue Reading
-
News
14 Aug 2023
NatWest offers compensation to customer affected by data breach exposed by whistleblower
NatWest bank has offered compensation to a former customer affected by a data breach alongside around 1,600 other former and current customers Continue Reading
-
Definition
14 Aug 2023
Directory Services Restore Mode (DSRM)
Directory Services Restore Mode (DSRM) is a Safe Mode boot option for Windows Server domain controllers. Continue Reading
-
News
08 Aug 2023
MPs warn about growing prevalence of tech-enabled domestic abuse
The UK government must take action to prevent perpetrators from being able to use connected or smart technologies to conduct their domestic abuse, a select committee has warned Continue Reading
-
News
08 Aug 2023
Workplace monitoring needs worker consent, says select committee
Employers looking to monitor their employees through connected devices should only to so with the consent of those affected due to negative impacts such surveillance can have on work intensification and mental health Continue Reading
-
News
03 Aug 2023
Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign
Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims Continue Reading
-
Definition
31 Jul 2023
Common Access Card (CAC)
A Common Access Card (CAC) is a smart card issued by the Unites States Department of Defense for accessing DOD systems and facilities. Continue Reading
-
Definition
28 Jul 2023
national identity card
A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity. Continue Reading
-
News
28 Jul 2023
How Indian organisations are keeping pace with cyber security
Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics Continue Reading
-
Opinion
27 Jul 2023
AI-enhanced cyber has potential, but watch out for marketing hype
As AI is a hot topic right now, it is no surprise there are some cyber solutions coming to market that have been thrown together in haste, but that said, genuine AI-powered security products do exist and their abilities could yet prove transformative. Continue Reading
-
News
24 Jul 2023
CIO interview: Sean Green, University of East Anglia
In his role as director of digital and data at the University of East Anglia, Sean Green provides high-performance computing to researchers and manages the diverse needs of a campus with the characteristics of a small town, all while finding the time to study one of his passions Continue Reading
-
Feature
21 Jul 2023
Handbook helps Dutch organisations migrate to quantum-safe communication
Organisations must start implementing new cryptography standards – as migration is a lengthy process Continue Reading
-
News
20 Jul 2023
Online Safety Bill screening measures amount to ‘prior restraint’
The Open Rights Group is calling on Parliament to reform the Online Safety Bill, on the basis that its content-screening measures would amount to “prior restraint” on freedom of expression Continue Reading
-
News
17 Jul 2023
Police Scotland use cloud for biometric data despite clear risks
Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach and the overall legality of using hyperscale public cloud technologies in a policing context Continue Reading
-
News
13 Jul 2023
Civil society groups call on EU to put human rights at centre of AI Act
Dozens of civil society groups are calling on EU institutions to prioritise people and human rights in AI legislation as secretive negotiations begin Continue Reading
-
News
12 Jul 2023
Whistleblower contacts NatWest customers affected by a decade-old data breach
Former worker says contacting the people affected by the data breach is her last resort after the bank and regulators appear satisfied that the sensitive data file is safe stored under her bed Continue Reading
-
Feature
11 Jul 2023
Norwegian data privacy experts sound alarm over generative AI
Hundreds of millions of people embrace generative artificial intelligence, blissfully ignorant of what it’s doing to data privacy. Continue Reading
-
News
07 Jul 2023
Suspicious email reported every five seconds in UK
National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year Continue Reading
-
News
06 Jul 2023
Biometrics watchdog calls for public space surveillance review
The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double standards on companies just because they are from China Continue Reading
-
News
30 Jun 2023
AI can never be given control over combat decisions, Lords told
Artificial intelligence is technically incapable of distinguishing between the complex contextual factors of combat situations, and will likely never be able to, according to legal and software experts Continue Reading
-
Definition
30 Jun 2023
security token
A security token is a physical or wireless device that provides two-factor authentication (2FA) for users to prove their identity in a login process. Continue Reading
-
News
27 Jun 2023
One Login’s Gov.uk ID check apps downloaded over two million times
The One Login digital identity system is being used by eight government services, and GDS has issued more than 1.5 million verified identities since summer 2022, while its ID check apps are proving popular Continue Reading
-
News
23 Jun 2023
ICO under fire for taking limited action over serious data breaches
The ICO has come under fire from lawyers and data protection specialists for just issuing written warnings to two public bodies over serious data breaches that placed people’s lives at risk Continue Reading
-
News
23 Jun 2023
Phishing and ransomware dominate Singapore’s cyber threat landscape
Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading
-
News
21 Jun 2023
Nearly quarter of a million malicious websites reported and removed through NCSC service
A suspicious email and text message reporting service in the UK has directly led to a quarter of a million malicious websites being removed Continue Reading
-
News
14 Jun 2023
TSB calls on Meta to intervene and protect users from fraud losses of £250m this year
TSB is the latest bank to demand more action from social media sector in helping to reduce online fraud Continue Reading
-
Opinion
08 Jun 2023
Regulatory ‘lacuna’ around facial recognition threatens rights
The UK is heading for a “legal quagmire” around live facial recognition if the government and regulators do not take action to rein in use of the technology before it becomes ubiquitous Continue Reading
-
Podcast
08 Jun 2023
Podcast: Storage, backup, AI and data classification at RSA 2023
Much discussion at RSA 2023 about artificial intelligence, the risks to data protection, storage and compliance, plus risk and data classification, especially its impacts on access and data management Continue Reading
-
News
07 Jun 2023
UKtech50 2023 winner: Michelle Donelan/Chloe Smith, secretary of state, DSIT
Computer Weekly looks at the achievements and successes of the Department for Science, Innovation and Technology, as its secretary of state is recognised as the most influential person in UK technology for 2023 Continue Reading
-
News
07 Jun 2023
Payments regulator makes APP fraud reimbursement mandatory
UK payments regulator confirms changes to rules around repaying customers who lose money to authorised push payment fraudsters Continue Reading
-
News
05 Jun 2023
Bank of International Settlement sets up channel secure from quantum breach
The Bank of International Settlement has worked with two of Europe's central banks to explore preventing the security risks posed by quantum computers Continue Reading
-
News
01 Jun 2023
Met Police director of intelligence defends facial recognition
The Met Police’s director of intelligence has appeared before MPs to make the case for its continuing use of facial-recognition technology, following announcements from the force and the Home Office that they intend to press on with its adoption Continue Reading
-
News
31 May 2023
Lloyds Bank calls on tech companies to control social media ‘wild west’
Lloyds Banking Group is calling on tech giants to step forward in the fight against online fraud, which emanates in the social media ‘wild west’ Continue Reading
-
News
25 May 2023
Cabinet Office publishes response to data sharing for digital ID consultation
The majority of respondents to government’s consultation on data sharing for digital identity are critical to the plans and concerned about data privacy, but Whitehall’s response says many of the responses ‘were driven by anti-digital commentaries’ Continue Reading
-
News
24 May 2023
Kuwait bank introduces biometric payments card
Middle East bank launches payment cards with fingerprint sensor technology embedded Continue Reading
-
News
24 May 2023
Two-thirds of all 2022 breaches resulted from spear phishing
Research by Barracuda Networks has found that, despite the low volume of spear-phishing attempts, the attacks are highly successful and have major consequences Continue Reading
-
E-Zine
23 May 2023
How to secure your software supply chain
In this week’s Computer Weekly, our latest buyer’s guide looks at secure coding, and kicks off by examining the challenges of securing your software supply chain. Cyber law enforcement leaders are calling on firms to end the secrecy around ransomware attacks. And we find out how facial recognition technology is being adopted by retailers. Read the issue now. Continue Reading
-
E-Zine
19 May 2023
CW APAC: Expert advice on security and threat intelligence
Organisations are all too aware of the importance of cyber defence. In this handbook, focused on security and threat intelligence in the Asia-Pacific region, Computer Weekly looks at the software supply chain, Mimecast’s email security, Australian data breaches and Singapore’s threat intelligence. Continue Reading
-
News
17 May 2023
Home Office pushes for more police facial-recognition deployments
An independent report commissioned by the biometrics commissioner of England and Wales reveals that the UK policing minister is pushing for wider adoption of facial-recognition technology by police, and further criticises the government’s proposed changes to surveillance oversight Continue Reading
-
News
17 May 2023
Pentera ups ante in penetration testing
The Israeli startup, which expanded to the APAC region last year, scans for vulnerabilities and emulates cyber attacks through its automated security validation platform Continue Reading
-
News
15 May 2023
MS macro-blocking has forced cyber criminals to innovate
One year after Microsoft started blocking VBA and XL4 macros by default, the cyber criminal ecosystem has all but stopped exploiting macros in their attacks. They’re instead innovating at an unprecedented rate Continue Reading
-
E-Zine
11 May 2023
CW EMEA: The future of work
In this month’s CW EMEA, we look at the future of work in Europe after the pandemic forced a change in entrenched human behaviour. For years, people talked about flexible working being the way forward, but scepticism within the management of large companies held it back. This all changed when Covid-19 began to spread out of control and governments and businesses quickly told people to work from home where possible. We also look at the increasing problem of IT failures in Dutch hospitals and how they are affecting patient care, highlighting the need to improve IT security in hospitals. Read the issue now. Continue Reading
-
News
11 May 2023
Fujitsu staff had ‘unrestricted and unauditable’ remote access to Post Office branch systems
Fujitsu engineers could make changes to Post Office branch accounts without anyone knowing Continue Reading
-
News
10 May 2023
How datacentre operators can fend off cyber attacks
Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats Continue Reading
-
News
05 May 2023
Santander reports increase in scams and admits fraud head was impersonated
Santander has reported an increase in impersonation scams, and admitted its own head of fraud was impersonated by a fraudster Continue Reading
-
Opinion
05 May 2023
Security Think Tank: Thinking beyond IAM in the cloud
Looking beyond IAM, there are other aspects of securing public cloud environments that admins can reasonably expect to control Continue Reading
-
News
04 May 2023
Google debuts passwordless login options for users
Launch of Google’s passkey service hailed as a great leap forward for passwordless technology Continue Reading
-
News
03 May 2023
Cyber Action Plan for Wales launched
The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country Continue Reading
-
News
27 Apr 2023
Google Cloud seals bug that could have led to data breaches
The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed Continue Reading
-
Opinion
24 Apr 2023
Security Think Tank: Going beyond IAM for cloud security
Managing access and privilege across complex and powerful cloud tooling is not a straightforward task; but there are some key considerations that can help security teams stay on top of identities in the cloud Continue Reading
-
News
19 Apr 2023
Global finance firms take part in NATO cyber attack simulation
Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure Continue Reading
-
News
19 Apr 2023
How organisations can succeed with zero trust
By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm Continue Reading
-
Opinion
18 Apr 2023
Cloud identity: Are you who you say you are?
As identity, rather than networking segmentation, becomes the primary determining factor in accessing cloud resources. ISACA’s Ser Yoong Goh highlights three trends driving cloud IAM Continue Reading
-
News
18 Apr 2023
Focus on these three risky behaviours to boost cloud security
Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report Continue Reading
-
Feature
18 Apr 2023
Why IAM systems are crucial for securing multicloud architecture
As business tools evolve into cloud-based services, organisations are finding themselves becoming ever more reliant on the cloud, but how can data be secured across so many different platforms? Continue Reading
-
Definition
17 Apr 2023
Microsoft Azure Key Vault
Microsoft Azure Key Vault is a cloud-based security service offered by Microsoft as part of its Azure platform. Continue Reading
-
Feature
14 Apr 2023
Securing your software supply chain
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading
-
News
13 Apr 2023
Three charged over banking fraud for hire website
UK authorities have charged three men in connection with the operation of a website that sold social engineering tools to cyber fraudsters Continue Reading
-
News
12 Apr 2023
UK police double down on ‘improved’ facial recognition
The Met and South Wales Police have doubled down on their use of facial recognition technology after research found improved accuracy in their algorithms when using certain settings, but civil society groups maintain that the tech will still be used in a discriminatory fashion Continue Reading
-
News
12 Apr 2023
Okta integrates with Singapore’s national digital ID system
The integration with Singpass will let Okta customers authenticate consumers using Singapore’s national digital ID system and is expected to expand the company’s reach in regulated industries Continue Reading
-
Opinion
11 Apr 2023
Security Think Tank: Adopt a coherent framework for ID first security
With IAM central to enabling appropriate access to cloud-based services, identity first security is becoming a key trend for IAM in the cloud. Continue Reading
-
News
06 Apr 2023
Prioritise automated hardening over traditional cyber controls, says report
A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way Continue Reading
-
News
05 Apr 2023
Scottish police tech piloted despite major data protection issues
Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk Continue Reading
-
E-Zine
04 Apr 2023
Revitalising UK digital government
In this week’s Computer Weekly, as the UK plummets down the international rankings for digital government, can its £400m identity system revitalise the UK’s digital strategy? We examine the container management platforms from the big six storage suppliers. And we look at the challenges of achieving IT sustainability while continuing to drive digital innovation. Read the issue now. Continue Reading