Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
Creating a more trusted Internet ecosystem should help all types of enterprises and leaders implement identity management solutions that extend beyond usernames and passwords, White House Cybersecurity Coordinator Howard Schmidt says.