LONDON & WASHINGTON--(BUSINESS WIRE)--Today, digital identity and credentials expert Intercede announced MyID as a Service (MyIDaaS), a convenient and affordable cloud-based ‘strong credentials’ service for enterprises. With 25% of breaches involving ‘internal actors’, and 81% of hacking related breaches exploiting stolen or weak passwords1, user authentication is currently the weakest link in the security chain and the potential for catastrophic business impact is real.
To navigate this environment, MyIDaaS removes the need for passwords completely, replacing them with unique, highly secure, government-grade digital identities and an authentication process that enhances the user experience. Critically, MyIDaaS is designed to provide this level of security in a cost-effective manner, allowing enterprises to strengthen authentication methods without compromising budgets.
Recognising the vulnerabilities associated with today’s digital economy, regulators across the world are establishing rules to ensure that security not only catches up with internet development but seeks to “future proof” interconnectivity from emerging threats.
For example in the US, President Trump’s Executive Order on Cybersecurity requires public and private providers of critical infrastructure and digital services to ensure that the highest recommended standards for cybersecurity are applied universally. This is manifest in New York State 23 NYCRR 500 Cybersecurity Requirements for Financial Services Companies. NIST Special Publication 800-171 for government contractors also mandates multi-factor authentication to ensure enhanced levels of identity assurance.
In Europe, the Second Payment Services Directive (PSD2), the General Data Protection Regulations (GDPR) and the Markets in Financial Instruments and Derivatives (MiFID II) Directive, all mandate enhanced levels of digital trust enabled by strong customer authentication. These international regulatory frameworks create a large global market for password replacement technologies, which MyIDaaS has been specifically designed to satisfy. By adhering to the most stringent of regulations all companies, regardless of sector and size, can meet compliance obligations quickly and with ease.
The latest solution from Intercede has been created by envisioning and reengineering the company’s existing MyID solution to operate as a secure, self-service, multi-tenanted Cloud service. It is designed to enable organizations to replace employee passwords with more secure and convenient digital identities on real or virtual smart cards, pluggable tokens, mobile devices and embedded security modules. The solution manages the lifecycle of credentials, for example revoking them if a user leaves an organization or updating them in advance of the credentials expiring.
“Regardless of the organization in question, weak or compromised credentials continue to be today’s security downfall. Usernames and passwords are the number one cause of the majority of data breaches. While there have been solutions to this problem for a number of years, most of them have been inaccessible to companies with limited IT budgets, scarce resources and a lack of in-house security skills,” said Richard Parris, CEO of Intercede.
“For over 20 years, Intercede has been at the forefront of securing some of the most sensitive and critical industries, including defense, aerospace, government and financial institutions. Through MyIDaaS, we’re now offering that same level of security to businesses, without the pain of infrastructure overhaul or hefty costs. This is a game changer for enterprises of all sizes who need to comply with new regulations for protecting customer information but lack the necessary budget and cyber security expertise to build their own digital trust solutions.”
MyID is currently deployed by governments and defense companies to secure some of the world’s most sensitive data. MyIDaaS brings that same government-grade security to businesses to significantly reduce their exposure to cyber-attack. The service packages digital credential deployment into an easily-consumed cloud service. Businesses using the service will be provided with a dedicated certification authority and the ability to deploy digital identities on to hardware-secured zones within existing enterprise computers and devices. This includes Intel Authenticate or IPT on Intel powered computers and Trusted Platform Modules on platforms running Microsoft operating systems. Future support for physical smart cards, smartphones and Internet-of-Things connected devices is planned.
Intercede® is a cybersecurity company specializing in identity, credential management and secure mobility to enable digital trust. It provides software and services that help organizations ensure the safety and security of their people, facilities, networks and information in an increasingly mobile, digital world.
Intercede has been delivering solutions to high profile customers, from the US and UK governments to some of the world’s largest corporations, telecommunications providers and information technology firms, for over 20 years. To find out more: www.intercede.com
Notes to editors:
- MyIDaaS can be deployed without businesses needing to make significant changes to the way existing users are managed. Instead, system administrators can define an Active Directory Security Group for each type of credential and privilege required. Users can then be added to these groups using existing management tools. The service also includes a dedicated, private Certification Authority, an OCSP responder so that businesses can immediately revoke access. A centralised dashboard can also help users keep track of activity.
- The MyIDaaS service can be subscribed to via a self-service portal, making it a highly scalable business proposition for Intercede and its enterprise customers to deliver and implement. Designed to support high volumes of individual enterprise customers, MyIDaaS is also available as an OEM service to partners who wish to embed a credential provisioning solution within their existing product portfolios.
1 Verizon 2017 Data Breach Report