Identity Management

The next time you relinquish your personal identity to simply enter a venue or purchase something, spare a thought for how the information might be stored, transmitted and used in the future. Such an overload of identity information may lead to a dramatic escalation in fraud, claims one legal eye.

International experts in Wellington for a conference on identity last week expressed admiration for the New Zealand government's igovt identity information management scheme and the policy behind it.

A prominent Sydney club has deployed a network firewall solution to protect its gaming rewards system, which can potentially hold $50 million.

BMC Australia has won a deal with explosives, chemicals and paint making giant Orica to provide automated employee identity management to accelerate the productivity of new employees.

Barclays bank in the UK has found itself at the centre of another security scam, this time around someone posed as the bank's chairman and scammed £10,000 out of his personal account.

Yahoo appears close to implementing OpenID, a Web authentication standard that relieves people of the need to remember multiple passwords to log into different Web sites.

The BBC presenter Jeremy Clarkson has lost £500 after publishing his bank details in a British newspaper in a naive attempt to prove that the UK's largest ever data breach was a storm in a tea cup.

IBM is aggressively expanding its security portfolio in hopes of becoming the de facto source of advice and technology for businesses looking to adopt high-level IT governance and risk management strategies -- a transformation among customers that officials at Big Blue cite as both ongoing and inevitable.

IBM upgraded its identity management capabilities with tools to help customers manage user access to sensitive information, the company said Wednesday.

The government has defended security measures for its £5.6 billion ID cards scheme in the wake of the data loss crisis at HM Revenue and Customs.

Microsoft is offering updates on the progress of interoperability initiatives, including the Interoperability Executive Customer Council (IEC) and the Interop Vendor Alliance (IVA).

Yahoo!7, eBay and PayPal have joined forces to protect customers against fraudulent e-mails and phishing attacks with the implementation of new authentication technology.

Victorian head-quartered software company, eB2Bcom, has just scored another two identity and access management deals in the Asean market.

Microsoft, EMC and Cisco Systems on Tuesday jointly unveiled plans to build a system for sharing sensitive government data called the Secure Information Sharing Architecture (SISA) that will let various government agencies and their vendors securely share sensitive information.

An Australian organization has developed an algorithm designed solely to detect identity fraud, or people who change their given names to commit fraud following a study into credit risk.

Ah, youth. Ready to take on the world, today's generation of dynamic, tech-immersed youngsters have grown up alongside the Internet. Firsthand, and sometimes single-handedly, they have advanced some of today's hottest technology trends, from peer-to-peer networking, to massively multiplayer online games, to social networks and instant messaging. And along the way, a small, sociopathic number of them have behaved very, very badly.

We've known for a long time that requiring just a user name and password to get on the network or to access personal information on a Web site isn't the tightest security posture, but there weren't a lot of good alternatives, and there wasn't that much pressure to change.

It's security's dirty little secret: Not having your users logged in as root or administrator will not stop malware.

Faced with looming regulations such as the Health Insurance Portability and Accountability Act and the Sarbanes-Oxley Act, Craig Shumard, chief information security officer for healthcare provider Cigna, knew he needed better tools for role-based access control.

Federated identity has long been a goal of many IT organizations. One look at the promise of federation, and it is easy to see why. After all, empowering one organization to serve as an identity provider for another frees IT from having to manage the identities of partnering organizations' employees and customers, thereby facilitating the pursuit of competitive-advantage projects. In this era of increasing enterprise decentralization, thanks in large part to the Web, establishing a federated identity framework is fast proving as essential as it is hard to pull off.

Dean Turner, Director of Symantec's Global Intelligence Network says data breaches and ID theft will continue dominate the threat landscape next year. He also outlines practical steps companies and consumers can take to protect themselves, in this interview with ITBusiness.ca editor, Joaquim P. Menezes.

An Australian researcher is developing technology that would let you use your eyes - or more specifically your iris - to unlock your PC, access secure buildings or open your front door.

What are some of the challenges in deploying NAC? What are the alternatives for LAN security?