The security risks posed by malicious credential abuse is fast becoming every chief information security officer’s worst nightmare.
Image: Bakhtiar Zein/Shutterstock.com
IT security should be a simple concept—it’s essentially about being able to prove you are who you say you are.
The "you" in this context might be an individual logging into a network or service, a device interacting with an application programming interface (API), one network talking to another, or a host of other potential scenarios.
The corresponding proof of identity could be a certificate, a Secure Socket Shell (SSH) key—this is a special network protocol leveraging public-key cryptography, which enables authorised users to remotely access a computer or other devices—or a confirmation code, facial or fingerprint recognition,
For thoughtful journalism, expert insights on corporate governance and an extensive library of reports, guides and tools to help boards and directors navigate the complexities of their roles, subscribe to Board Agenda