Identity Jedi Newsletter Tenth Edition

Wednesday 11/9/22 - Identity Jedi Newsletter - Subscribe

Hey Jedi!  Welcome back to the Identity Jedi Newsletter. The Tenth edition!! Coming to you post-U.S Midterm elections. Exciting times ahead, my friends..... I'll just leave it there. 

We are almost at 100 subscribers, folks!  Wow, once again, I can't thank you enough for all the support; let's see if we can break 100 by next week. Hit the referral link, share with your friends, get free swag, and let's do this!!

Let's get to the good stuff!

What's happening this week

FTC Cracks down on Chegg

The Federal Trade Commission (FTC) has taken action against education technology provider Chegg Inc. for its lax data security practices that exposed sensitive information about millions of its customers and employees. The FTC stated that Chegg allegedly failed to fix problems with its data security despite experiencing four security breaches since 2017. Yup, you read that correctly 4. Two that are highlighted in the article are 

• Phising attack in 2017

• Third party beach ( aka contractor) less than a year later

The proposed order requires the company to bolster its data security, limit the data it can collect and retain, offer users multifactor authentication to secure their accounts and allow users to access and delete their data. So in other words, do the right thing. 

News flash we still suck at passwords

LastPass released their findings from their fifth annual Psychology of Password survey earlier this week, which revealed that password hygiene has not improved despite an increase in security education. Shocker.

The research shows that regardless of generational differences across Boomers, Millennials, and Gen Z, the false sense of security given current behaviors across the board is even more pronounced than ever. ( Hit the link in the article for the report)

But since we still use them, we might as well have a strategy

“Passwords haven’t worked as a solid security strategy in a long time. Stolen credentials have long been a favorite attack vector for cybercriminals — they can get a lot of mileage out of a single password.”- Sue Poremba

In this article, Sue Poremba, discusses the inefficiency of passwords when it comes to protecting the identity of users and discusses why passwords are cybersecurity’s weak spot. Look, we've been trying to kill the password for at least 20 years now, and the fact remains they will be here for a long time. So we might as well make sure we are putting an effective strategy into place for managing them. LastPass seems to be the favorite for corporate use. Personally, I LOVE 1Password. ( Huh, I should see if they will let me offer some discount codes.....I digress). 

Product News

Good Reads

Podcasts

Last Word

Doing the research for this newsletter has made me realize how extremely repetitive and vague we are as an industry. We've been marketing the same shit for years, and we've mastered the art of saying a whole lot, without saying anything. 

LET'S BE BETTER

How about we change that Jedi. Right here, right now, as you are reading this, make a promise that you will do what it takes to push the industry forward. You'll be intentional in your actions. Specific about those actions, and hold yourself and your colleagues to a standard of delivering results. Not just marketing speak, not just trend-hijacking talk of how this software could have helped a customer stop this breach. 

No from this day forward, we deliver real value to our customers. 

Are you with me? 

Till next week

 Be Kind to each other, Be Good to each other, Love each other.

-Identity Jedi

P.S Don't forget to tell a friend