A Review of the Best News of the Week on Identity Management & Web Fraud

In China, a Three-Digit Score Could Dictate Your Place in Society (Wired, Dec 14 2017)
China is taking the idea of a credit score to the extreme, using big data to track and rank what you do—your purchases, your pastimes, your mistakes.

AWS has a post re:Invent surprise as it enters the single sign-on market (TechCrunch, Dec 08 2017)
“With AWS SSO, you can easily manage SSO access and user permissions to all of your accounts in AWS Organizations centrally,” AWS explained in the announcement. That’s very different from what other single sign on products like Okta or OneLogin are doing.

NIST Updates to Identity Management: Evolved MFA for the Masses (The Duo Blog, Dec 12 2017)
More contextual and adaptive identity management means more than just MFA alone – a more holistic enterprise security solution was developed by Google to ensure zero trust within their internal networks, and to address threats that exist beyond traditional perimeter protections. That model is known as BeyondCorp, and is based on verifying the trust of both users and devices before granting access to enterprise applications and data.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

What is Adaptive Multi-factor Authentication (MFA)? (Centrify, Dec 07 2017)
Adaptive MFA is a way that multi-factor authentication can be configured and deployed in a way that the Identity Service Provider (IDP) system will select the right multiple authentication factors depending on a user’s risk profile and behavior…

Innovating Identity on the Blockchain (Okta, Dec 12 2017)
Changes to every single identifier associated with an identity could be logged on the blockchain preventing fraudsters from being able to tamper without leaving an obvious digital trail. It may finally be possible to put users in charge of their own identities so that they have complete control over it. With this, users will no longer worry about identity sprawl, privacy account takeovers or identity theft.

The FCC Shouldn’t Vote on Net Neutrality Until It Investigates Comment Fraud (Wired, Dec 09 2017)
Opinion: An FCC commissioner argues that the agency shouldn’t vote to dismantle the open internet until it probes how bots hacked the comment process.

A layered approach to modern identity (Help Net Security, Dec 11 2017)
1. Device reputation, 2. User identity proofing, 3. Provision a secure credential, 4. Adaptive authentication, and 5. Step up user authentication

Authentication Provider Best Practices: Centralized Login (Auth0 Blog, Dec 12 2017)
Learn why centralized login is the most secure, standards-based strategy when authenticating with a provider.

What is identity management? IAM definition, uses, and solutions (CSO Online, Dec 13 2017)
Identity and access management products provide IT managers with tools and technologies for controlling user access to critical information within an organization.

How to Future-Proof your IAM Solution (Gemalto, Dec 12 2017)
Given the numerous management complexities that arise from a fragmented IT environment, it comes as no surprise then that 94% of IT decision makers would like to be able to manage two-factor authentication centrally for all the applications in their organization.