Networked IT ID management in the real world

Passwords are the weak link in IT security (Computerworld)

Password security is the common cold of our technological age, a persistent problem that we can’t seem to solve. The technologies that promised to reduce our dependence on passwords — biometrics, smart cards, key fobs, tokens — have all thus far fallen short in terms of cost, reliability or other attributes. And yet, as ongoing news reports about password breaches show, password management is now more important than ever.

All of which makes password management a nightmare for IT shops. “IT faces competing interests,” says Forrester analyst Eve Maler. “They want to be compliant and secure, but they also want to be fast and expedient when it comes to synchronizing user accounts.”

Is there a way out of this scenario? The answer, surprisingly, may be yes.

It goes on from there to cover several different solutions, including biometrics.

In a Cloud-Connected IT World, are Biometrics the Answer?

For your eyes only: New twist on Digital ID could keep you from getting hacked (ZDNet)

With so many individuals with multiple accounts on so many linked cloud services, it is inevitable that this sort of cybercrime is going to become more commonplace unless new mechanisms are put into place to prevent this form of compromise that Honan experienced.

One way of dealing with this would be to employ biometrics on all computing devices. I wrote about this at length in February 2011, which eventually led to an appearance on CBC Radio alongside prominent independent security researcher Dr. Markus Jakobsson.