identity

now browsing by tag

 
 

#cybersecurity | #hackerspace | Cloud Series: Building a Secure Identity Cloud

Source: National Cyber Security – Produced By Gregory Evans

 

What does it mean for businesses to “go to the cloud?” While the term “cloud” can be used generically, there are many types of cloud architectures. A key benefit of moving to the cloud is that your data is secured with redundant, diversified servers managed by a third party. With your data managed by a third party vendor, it’s important to understand how and where that data is stored. ForgeRock carefully designs an isolated and secure cloud environment for each customer, while maintaining the benefits of the cloud, like sharing high-level resources to reduce costs for customers.

Secure by Design

To understand the concept of these shared cloud resources, it can be useful to imagine the ForgeRock Identity Cloud as a condominium building, with ForgeRock as the landlord. We are responsible for the general construction and maintenance of the building, as well as for shared infrastructure like common water supply and security. Condominium units within the building can be compared to individual customer environments within the cloud, each isolated and protected with walls, locked doors and windows. 

By comparison, other identity cloud architectures and deployments are less like condominium buildings and more comparable to open spaces like high school gymnasiums — more open and malleable. These cloud architectures use virtual machine environments which can be spun up and spun down quickly. Would you feel as secure and safe living in a gymnasium as in your own condo unit? 

In either scenario — condo or gymnasium — you could still have a noisy neighbor. The farther you are from your neighbors, the more sound protection you have. In the case of a data leak, being farther from your “noisy neighbors” by being in an isolated cloud environment, offers more data protection. 

Is your cloud architecture an open space, or a condo building?

This example is an oversimplification but it is meant to underscore the steps ForgeRock has taken to ensure there is no shared knowledge among its customers. We call this architecture our “secure multi-tenant environment with full customer isolation.” In the next few sections, we’ll help you understand exactly what that means for you.

Understanding Multi-Tenancy 

It is important to understand exactly what we mean by multi-tenancy. Revisiting the condominium building analogy, the entire building — from the basic condo unit to the luxury penthouse — is built to common standards using the same materials, and is operated consistently. In the same way, a multi-tenant cloud service is built on a common, consistent model to deliver service to its customers. ForgeRock provides high-level resources, like the ForgeRock Identity Platform that is shared across the entire ForgeRock Identity Cloud. All customer environments are built within the cloud from a standard template and hosted using a common technology base. These environments are maintained according to a consistent set of processes. They are continually updated against security vulnerabilities and upgraded with the latest code base. 

Another benefit of multi-tenancy is the ability for large customers to self-manage multiple environments with a high-level, real-time overview across multiple data centers. Customers who require multiple geo-specific data centers for compliance reasons find this particularly valuable.

Cloud Series Blog- Building a Secure Identity Cloud 2.png

 

Full Tenant Isolation Explained 

Continuing with the condominium metaphor, full tenant isolation can be compared to the individual condo unit itself. The ForgeRock Identity Cloud provides each customer with a distinct, dedicated data environment. All passwords, private keys, and other secrets associated with a customer’s ForgeRock Identity Cloud instance are generated, securely stored, and used solely within the customer environment. There is no shared knowledge between tenants — each tenant environment is self-sufficient and sovereign. Each environment runs a distinct copy of the service code under dedicated identities, with dedicated storage for customer secrets and data that only the customer can access. Additionally, the ForgeRock Identity Cloud enables customers to select their data center location so they can be in compliance with certain regulations. This is unique among identity cloud providers.

In addition to building a secure cloud architecture, ForgeRock also hardens our software by following the latest industry best practices. Our Secure Software Development Lifecycle (SSDLC) maintains high integrity though continuous testing. Our continuous deployment and integration means you will always have the latest version. 

That’s the ForgeRock difference.

Learn more here. Or, contact your sales rep today.

*** This is a Security Bloggers Network syndicated blog from Forgerock Blog authored by n n Robert Vamosin n n. Read the original post at: https://www.forgerock.com/blog/cloud-series-building-secure-identity-cloud

Source link

The post #cybersecurity | #hackerspace |<p> Cloud Series: Building a Secure Identity Cloud <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Cybercrooks busted for multimillion-dollar identity fraud – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

A trio of Australians has been charged with identity theft that netted AU$11 million (US$7.41m, £5.73m) – ill-gotten loot they allegedly ripped off by hacking into businesses and modifying their payrolls, pension payments (known as superannuation in Australia) and credit card details.

According to ABC News, police arrested the alleged cyber-robber – an unidentified 31-year-old man, formerly of Adelaide – at a library in Sydney’s Green Square earlier this week.

His alleged cyber accomplices were 32-year-old Jason Lees and 28-year-old Emily Walker, both arrested in the Adelaide suburb of Seaton. According to Walker’s Facebook profile, they’re a couple.

Jason Lees and Emily Walker, accused of money laundering and deception offenses. IMAGE: Facebook

New South Wales police reportedly said that the unidentified 31-year-old man allegedly stole more than 80 personal and financial profiles so as to use them in identity fraud in South Australia from early 2019, and then in NSW from August 2019. He’s been charged with 24 fraud-related charges in Newtown Local Court. Walker and Lees have been charged with money laundering and deception.

(What’s the difference between lies, deception and fraud, you well may ask if you’re not Australian? Under Australian criminal law, not all lies are deception, and not all deceptions amount to fraud, according to the law firm Sydney Criminal Lawyers. Here’s the law firm’s explanation.)

According to ABC News, the police prosecutor, Senior Sergeant Mike Tolson, told the court that the prosecution anticipates bringing hundreds of additional charges.