Identity Security

Read all about identity security on the OctopusBlog!

Certificates and Inherit Trust

By Shimrit Tzur-David|September 23rd, 2018|Categories: Articles|Tags: , , , |

On the Octopus Blog, we’ve delved quite a bit into the vulnerabilities of contemporary encryption standards. The system of Public Key Infrastructure (PKI) which forms the basis of most of the worlds authentication platforms, while presenting a powerful, easy to use encryption model, still left several holes through which attackers can breach networks and steal identities. Perhaps the single biggest problem [...]

How to Secure the Health Industry

By Shimrit Tzur-David|August 27th, 2018|Categories: Articles|Tags: , , |

Data breaches at healthcare organizations are some of the most critical security incidents. They put very damaging information at the disposal of cybercriminals and malicious actors. A slate of regulations in different jurisdictions classify health data as highly sensitive and penalize organizations that mishandle the information or fail to protect it against hackers. An example is the Health Insurance Portability and [...]

Private Keys Vulnerabilities to Side Channel Attacks

By Inbal Voitiz|August 23rd, 2018|Categories: Articles|Tags: , |

The Public Key Infrastructure has been the staple of cryptography for over forty years. The simple and ingenious system introduced to the world of information technology the concept of “asymmetric” encryption; a way in which a message can be encrypted, but only unlocked by one particular user. While the public key is accessible to all and can be used to encrypt [...]

Before you Get a Physical Security Token – What you Need to Know

By Shimrit Tzur-David|August 2nd, 2018|Categories: Articles|Tags: , , , , |

Last week Google announced that it will create its own physical universal second-factor authenticator that leverages the FIDO Alliance (Fast Identity Online). FIDO was designed to put an end to the tradeoff between fast, easy access on the one hand, and robust authentication security on the other. With the authentication scheme growing in popularity, several tech manufacturers like Yubico and Feitian [...]

Using Social Networks as an Identity Provider

By Inbal Voitiz|July 25th, 2018|Categories: Articles|Tags: , , |

One of the major innovations in authentication today has come through harnessing our social accounts as identity providers. Utilizing our social applications to confirm our identities has certainly streamlined access to tools and services. Data has shown that nearly all users have at one point encountered a social login option, and about half use them regularly. The question is: what is [...]

Windows Hello for Business – Review

By Amit Rahav|July 19th, 2018|Categories: Articles|Tags: , , , |

Just a few years ago, biometric logins were the stuff of science fiction and technophiles. Today, the market has produced a slew of tools that have made biometrics available for the common user. Microsoft’s biometric solution, Windows Hello for Business (WHB), is one of the industries most successful platforms designed for enterprise-wide use. Let’s start with the basics: What Does it [...]

How Does Passwordless Authentication Work? (Part 1)

By Amit Rahav|July 9th, 2018|Categories: Articles|Tags: , , |

Being in the industry of authentication, we get quite a lot of questions on the topic, especially on how to get rid of passwords while maintaining a high level of assurance. To make access to this information a bit easier, we decided to put out a blog series with answers to the most commonly asked questions. Here’s the rundown of ongoing [...]

Cloud IAM and How to Choose Your Solution

By Shimrit Tzur-David|July 4th, 2018|Categories: Articles|Tags: , , |

The shift to the cloud continues to be one of the biggest trends in Identity and Access Management (IAM). Indeed, industry leaders have long pointed to the strengths of cloud-based options for managing digital identifies, often not available with on-premises options. But for managers seeking to develop a data security strategy for their organizations, trying to navigate through the slew of [...]

The Rise of the e-State – A Story About Estonia

By Shimrit Tzur-David|June 20th, 2018|Categories: Articles|Tags: , |

We are approaching a future where our physical identity and digital identity will merge. Today, our biological traits, behavioral markers, and other characteristics are used to identify us in the digital sphere, affecting more and more aspects of our daily lives. The numbers on this shift in identity authentication are pretty clear. In a recent IBM study surveying citizens from the North American, [...]

What to Look for in Identity and Access Management Solutions?

By Amit Rahav|June 11th, 2018|Categories: Articles|Tags: , , |

Effective identity and access management platform is likely the single most important responsibility for today’s chief information security officers (CiSO). Information and Access Management, or IAM, is the bread and butter of securing a network, ensuring access to data and applications is controlled and uncompromising. IAM plays a vital role in a company’s overall security framework. Having an effective strategy enables [...]

Software Tokens Vs Hardware Tokens

By Amit Rahav|May 28th, 2018|Categories: Articles|Tags: , , , |

Proving your identity in order to authenticate yourself and gain access to some kind of system is more of a challenge than most people realize. This process has to be designed so that on one hand it’s as easy as possible for the user of the system to gain access, while on the other it’s as difficult as possible for someone [...]

Circumventing The Single Point of Failure – Goals in Authentication

By Shimrit Tzur-David|May 24th, 2018|Categories: Articles|Tags: , |

Securing our online communications has always been an ongoing task, one that has to stay in-synch with our ever-expanding communication technology. For years, the basis of this security has been Secure Sockets Layer (SSL) cryptography, now in its more updated version of Transport Layer Security (TLS). These protocols work by generating keys for every connection made between parties (say, your internet [...]

Taking on the Growing Threat to Identity Security

By Amit Rahav|December 20th, 2017|Categories: Articles|Tags: , , , |

The need for a robust identity security and access management (IAM) strategy is one of the central concerns of securing enterprise IT. Strong identity solutions can help firms boost their productivity by streamlining user access in additional to strengthening the overall security of the organization. But with identity theft steadily on the rise in recent years, resulting in billions in losses [...]