PKI secures ISS research, News flash: passwords suck
17 March, 2016
category: Biometrics, Corporate, Digital ID, Government
PKI secures research conducted on International Space Station
Researchers on the International Space Station (ISS) are using PKI and digital certificates to secure research with earthbound scientists. Airbus Defence and Space is providing a PKI solution from Safelayer.
The laboratory on board the ESA Columbus Module of the ISS offers scientific research capabilities. Earth-based researchers, together with the station crew, conduct thousands of experiments and the results of those projects can be highly sensitive and needs to be protected. For this purpose, PKI technology was deployed for digital signature in specific business processes.
A key evaluation criterion was the ability to support Airbus requirements for the PKI registration workflow. In particular, it was important to find a solution with a user-friendly enrollment process where end-users could request and install certificates in just a few easy steps. The solution also had to support multiple end user client platforms — Windows, Mac, Linux and mobile devices.
Research confirms the obvious: passwords suck
In news that may not be surprising to IT security professionals, passwords are failing, according to research from Lieberman Software Corp. conducted at the RSA Conference.
The study looked at the attitudes of nearly 200 cyber security professionals. It found that 77% of IT professionals believe passwords are failing IT security and 53% of those surveyed thought that modern hacking tools could easily break passwords within their organizations.
The study also showed that 45% of respondents think that even with all the IT security technology deployed in their organizations, they’re still unable to defend against cyber attacks.
Another common theme in the survey was that nearly one in six respondents said if they left their organization they could still access their administrative credentials remotely. Also, more than a third say their IT staff share the same password.
Updating privileged credentials as frequently as necessary – even every couple of hours – negates the damage inflicted by zero day attacks and other advanced cyber threats. If an intruder compromises a credential, it has a limited lifetime, is not shared among multiple systems, and cannot be leveraged to leapfrog between systems.
Biometrics market set for boon
ABI Research forecasts the global biometrics market will reach more than $30 billion by 2021, marking a 118% increase from 2015. Consumer electronics, particularly smartphones, continue to boost the biometrics market, with embedded fingerprint sensors anticipated to reach two billion shipments by 2021 at a 40% compound annual growth.
While North America and the Asia-Pacific region continue to dominate the majority of the biometrics market share, ABI Research market data suggests that Latin America and the Middle East can also expect a boon in terms of new biometric implementations. This will primarily occur in banking and personal finance, followed by the governmental and security sectors.
Rising tensions and pressing identification issues in both the Middle East and Europe will also cause a major increase in biometric technologies. This will, in turn, motivate the respective governments to push for new legislation and regulations for data management and exchange initiatives.
Payment giants like Mastercard lead the way with multimodal technologies and a distinct emphasis on facial recognition. Meanwhile, vendors Gemalto, STMicroelectronics, FPC, and Precise Biometrics recently formed a partnership for the development of end-to-end biometric architecture. And Morpho (Safran) partnered with Airtel to increase user mobility under the UIDAI project in India.
FIDO Alliance hosting financial services seminar
The FIDO Alliance is hosting a seminar about trends in strong authentication for the financial services community and beyond in New York City. Executives from eBay, Google and Aetna will describe FIDO’s approach to frictionless, stronger authentication – and also details on some real-world FIDO deployments and use cases.
FIDO’s open specifications for stronger authentication can help all organizations, especially service providers who want to scale these features for consumer services over the web. There are more than 100 solutions on market that have been FIDO Certified, and hundreds of millions of end-users’ web and mobile apps have been FIDO-enabled for strong authentication protection by service providers, including Google, PayPal, Samsung, Bank of America, Dropbox and GitHub.
The seminar is March 31, 9 am – 4:30 pm at the New York City Marriott Downtown, 85 West Street. You can register here.