Say Goodbye to Passwords and Hello to Quantum Security with Lastwall!

Unlock seamless IT administration with Lastwall’s all-in-one Identity as a Service (IDaaS) solution. Simplify user access across all your cloud services and IT infrastructure. Our integrated quantum resilient cryptography and PKI-first approach ensure that your credentials are securely stored in hardware-bound, segregated systems, using modern off-the-shelf devices. Ready to embrace passwordless access and elevate your data security? Contact us today and start your journey with Lastwall.

When’s the last time you talked to your CFO?

Came across this article and thought it would be great to share here for this question: When’s the last time you talked to your CFO about identity? But not in the case of “we need x amount of money to do y”, but more in the case of “What things do you do to prepare for a data breach?” Learning to talk to the business on their terms is a skill we all should learn in identity.

Identity and AI: Match made in heaven?

Good short read about some of the challenges facing true Gen AI integrations in identity products. TLDR: Limited data sets, poor data quality, and managing sensitive data.

Let’s talk identity fraud

Let's delve into the digital identity fraud. Buckle up, because the battle against identity fraud is fierce, and knowledge is our greatest weapon. Let’s break down the key stats, and why making fraud prevention a cornerstone of your IAM strategy is essential.

The Stark Reality: Identity Fraud by the Numbers

In the vast expanse of the digital galaxy, identity fraud looms large. Nearly two-thirds of midsized to large e-commerce companies are under significant threat from fraudsters, both automated bots and real-life villains. These cyber bandits aren’t just a nuisance; they’re a major financial drain. In 2023, the global average cost of a data breach hit a staggering $4.45 million. That’s enough to make any CFO’s lightsaber flicker!

Account takeover attacks have skyrocketed, with a jaw-dropping 354% increase year-over-year. Think about that: if you had one attack last year, you’re looking at four this year. And it’s not just about the immediate financial loss. Merchant losses from online payment fraud are projected to exceed $91 billion annually by 2028. That’s more credits than a small planet’s GDP!

The ripple effects are massive. Fraud increases acquisition costs and lowers customer lifetime value by eroding trust. Once that trust is broken, it’s like trying to repair a damaged droid—it takes time, effort, and sometimes, it’s never quite the same.

The Holistic Approach: Fraud Prevention in Your IAM Strategy

Now, why should fraud prevention be a key part of your IAM strategy? Simple: identity fraud is not just an IT issue—it’s a business issue. When fraudsters strike, they hit your revenue, reputation, and customer trust. Incorporating robust fraud prevention into your IAM strategy ensures you’re not just reacting to attacks but proactively defending against them. Not only that you are helping the business do the one thing they love to do: MAKE MONEY.

Conversations around investing in identity now become conversations about investing in increasing revenue generation. Those are fun conversations to have.

Project Jedi: OpenITDR

Ok full disclosure and transparency this project may not see it’s end..lol. But as I’ve been diving into the world of Microsoft and understanding more about their IAM platform, I’ve decided to get a trial tenant an start exploring and setting up some app integrations. While figuring out what apps I wanted to integrate into the tenant, and setting some basic groundrules for what I want to do, I stumbled across the OpenITDR project by Authomize ( now Delinea). So I decided..hell why not make this interesting and tie in OpenIDTR to my Microsoft tenant. ( Yeah….the likelihood of this getting anywhere is dwindling fast..lol) But this should be fun. Now I may have to reach out to some of the Delinea folks to see if this project is still supported because what I can see from the repository I need access to an Authomize tenant to really make this thing work. So if there are any Delinea folks reading this, let’s talk! So here’s the plan for the project:

• Setup Entra ID with SSO into 3 Apps that I use (this may be challenging because most apps have SSO behind an Enterprise pay wall)

• Setup a basic Access Review with Microsoft IAM Governance

• Setup conditional access policies around one of my apps.

• Configure an automated remediation with OpenITDR (Stretch Goal)

Pray for me. I’ve purposely avoided Microsoft for the past decade plus, so diving back into this world will be…..interesting. I’ll keep you guys updated.