About Us

Omada and SecZetta Collaborate to Decrease Threat of Third-Party Breaches

Omada, a worldwide provider of Identity Governance and Administration (IGA) solution announced an integration with SecZetta, a leading provider of third-party identity risk management solutions. Companies will be able to minimize the risk of third-party data breaches as a result of the integration.

SecZetta delivers easy-to-use, purpose-built third-party identity risk solutions to assist organizations in implementing risk-based identity access and lifecycle strategies for third-party non-employee populations such as contractors, supply chain, suppliers, partners, bots, and more. SecZetta information on managing third-party identities, onboarding, role changes, contract extension, termination, and identity risk management is used by Omada to help third-party users make better access decisions.

Companies are in danger because of this absence of protocol with non-employees; an estimated two-thirds of data breaches nowadays are caused by a third party. Businesses require a way to track and manage all of the people and things who have access to corporate systems. SecZetta uses a collaborative onboarding process to gather contextual information on third-party non-employees, which it then sends to Omada for providing and de-provisioning of access, as well as identity governance and access for SecZetta’s customers.

“Organizations are hyper-focused on adopting Zero Trust policies in the hope of reducing the risk of access-related cybersecurity incidents. Our integration with Omada enables organizations to extend the diligence they have around providing least privilege access to employees to their riskier, non-employee users,” said Jeremy Rohrs, Senior Vice President of Global Sales & Business Development, SecZetta.

“With most organizations today relying on third parties to achieve business goals, it’s critical to get access management right. It’s a balance between security and productivity – and that’s what this integration provides. Organizations can work confidently with non-employees, knowing they are all fully accounted for without creating a drag on IT resources,” said Michael Garrett, CEO, Omada.

T-Mobile’s Security breach now Affects 54.6 Million People

T-Mobile has continued to work around the clock on the forensic analysis and investigation into the cyberattack against T-Mobile systems while also taking a number of proactive steps to protect customers and others whose information may have been exposed.

Their investigation still underway and will take some time, but they are sure that they have blocked the bad actor’s access and egress points.

T-Mobile previously disclosed that personal information from roughly 7.8 million current T-Mobile postpaid customer accounts, including first and last names, dates of birth, Social Security numbers, and driver’s license/ID numbers, had been compromised. Phone numbers, as well as IMEI and IMSI information, the normal identifier numbers linked with a mobile phone, were also hacked, according to T-Mobile. In addition, another 5.3 million existing postpaid customer accounts have been discovered as having one or more linked customer names, addresses, dates of birth, phone numbers, IMEIs, and IMSIs fraudulently accessed. SSNs or driver’s license/ID details were not compromised in these other accounts.

T-Mobile previously disclosed that data files containing information on about 40 million past or potential T-Mobile customers, including first and last names, dates of birth, Social Security numbers, and driver’s license/ID numbers, had been compromised. Since then, another 667,000 former T-Mobile customers’ accounts have been accessed, with user names, phone numbers, addresses, and dates of birth exposed. SSNs or driver’s license/ID details were not compromised in these other accounts.

T-Mobile has also discovered further stolen data files, including phone numbers, IMEI numbers, and IMSI numbers. There was no personally identifying information in that data.

There is still no indication that any of the stolen files contained any consumer financial information, credit card information, debit card information, or other payment information.

Approximately 850,000 current T-Mobile prepaid customer names, phone numbers, and account PINs were exposed, according to T-Mobile. T-Mobile has reset ALL of the PINs on these accounts proactively. Additional dormant prepaid accounts were also accessed for similar information. Up to 52,000 names associated with current Metro by T-Mobile accounts may have been included as well. There was no personally identifiable information in any of these data sets. Furthermore, no former Sprint prepaid or Boost customers were among the T-Mobile files obtained.

T-Mobile is continuing to take steps to protect everyone who is at danger from this cyberattack, including those who were recently identified by T-Mobile. T-Mobile has communicated with millions of customers and others who have been affected, and is offering assistance in a variety of ways.

Anti-Money Laundering – A Recapitulation

Anti-Money Laundering Software is as straightforward as it sounds – It works against Money Laundering.
But, in efforts to understand Anti-Money Laundering, we need to understand money laundering first.

So, what is money laundering?

The term ‘Money Laundering’ originates from the innovative methods used by the Italian Mafia to channel the large amounts of money they acquired from illegal occupations, into financial institutions without raising a concern or being subjected to taxation.
For a brief explanation, ‘money laundering’ encapsulates the numerous ways in which people convert illegally obtained funds into legal money.

To prevent this from happening, many laws got put into place in the late 1900s to ensure that financial institutions (FIs) were safeguarded against illicit activities including, but not limited to, money laundering. The Financial Action Task Force (FATF) also makes sure that financial institutions also do not indulge in malpractices by implementing many protocols that FIs needed to follow.

With the addition of these security protocols and compliances, the paperwork that FIs generated suddenly grew manifold. Keeping up with all the new rules and laws was also proving difficult for bank officials. This is why Anti-Money Laundering software came into existence.

Anti-Money Laundering (AML) Software helps banks and other legal/ financial organizations collate, sort and manage customer data and transaction history to identify problematic clients and simultaneously helps them oblige to regulatory compliances.

To gain a deeper understanding of AML software, let’s look into the 4 basic types of AML software –

1) Transaction Monitoring systems – They help monitor and identify suspicious transactions based on transaction patterns and long-term user behaviour. These transactions would include abnormal behaviour, large sum transactions, and multiple consecutive transactions. These systems also put together Suspicious Activity Reports (SARs) or Suspicious Transaction Reports (STRs) that help identify long-term customer behaviour.

2) Currency Transaction Reporting systems – These specifically deal with keeping a record of large cash transactions. The sum varies from region to region. Some systems also have real-time tracking and allow FIs to verify customer identity before allowing large cash transactions.

3) Customer Identity Management systems – Customer Identity Management is an important part of KYC (Know Your Customer). It helps financial institutions identify potentially dangerous customers by checking various databases for fraudulent activity, identity theft, blacklisted persons, and other suspicious behavior. Most countries maintain an elaborate list of suspicious identities as well as PEPs (Politically Exposed Persons). These candidates are generally flagged by the customer identity management system through its name screening capabilities.

4) Compliance Management systems – As stated before, to ensure the security of FIs, many regulatory compliances have been put into place. Keeping up with these and making sure that a FI is truly compliant can be taken care of with compliance management systems. They create audit trails, keep records of proof of compliance, track employee records and training, and help handle non-compliance situations.

Some modern AML Tools utilize Artificial Intelligence (AI) to streamline the above-mentioned processes. These tools function on static and dynamic sets of rules, are capable of integrating with third-party security tools and databases, accumulating and organizing data, and can automatically screen customer profiles for potential risks.