The reliance on digital technologies to provide safe access and meaningful engagement has never been in such high demand with more than half the world’s population now online. Unfortunately, this rapidly expanding digital landscape is increasing the opportunity and impact of attacks as well as growing the volume of sensitive data now stored digitally.
“Privacy concerns are driving a new focus from government regulators as the
sophistication and frequency of cyber-attacks is at an all-time high.”
Underpinning the digital landscape is the fundamental trust between people in organisations in any digital exchange. This is why new rules and regulations around data rights and protection are constantly being adapted and updated. Current technologies struggle in many cases to adequately protect the privacy, misuse or theft of sensitive data.
Continuous cyber-attacks are exposing weaknesses in organisations security posture. A strong focus at the moment should be on user entry point protection, usernames and passwords, and Multi-Factor Authentication (MFA). This is quickly becoming a crucial first line of defence for enterprises to prevent breaches. The second point is how and where sensitive data is stored. In order to resolve these privacy concerns, cyber security providers and developers are looking at:
- Whether we need to centrally store sensitive data
- Changing the way applications interact with that data
- Changing the way individuals, enterprises, and third-parties access this data; and
- Providing individuals with more control (and safety) over how their personal information is used and shared
In order to protect digital identities at entry point, we need to use a decentralised identity provider that stops identities being stolen. This replaces the need for usernames and passwords as well as traditional MFA, and in doing so, delivers a better user experience, lowers the security risk, and improves the financial outcome for businesses.
What happens in the event a breach is still successful?
If an organisation or its Cloud is attacked, storing sensitive information across multiple decentralised locations means the data being stolen from a single location has no inherent value or use – a simple yet technologically sophisticated way of approaching the challenges of maintaining a secure environment and protecting privacy.
Recently there has been an Australian cyber start-up that has piqued our interest with a different approach within the space – Authenticate by Haventec is a decentralised identity provider technology that is extremely robust at preventing identity theft by using a pin number and an encrypted key that is unique each and every time a user logs in. Highlights of their software include:
- A single step MFA experience—when using Authenticate to access a digital service, the user simply enters a secret (this secret is never stored anywhere)
- A PIN or biometric option—a true passwordless alternative—eliminates operational risk as it does not require a central credentials store to be maintained
- It features quantum computer resistant architecture, a level of sophistication that will become more relevant in the near future
Whether your organisation is in need of this technology now or you are reviewing MFA for potential use, Vectra can navigate this process with you.