About Us

Cybersecurity Company Netrust Announced Partnership With Leading Biometric Technology Firm IDmission To Improve Cybersecurity Solutions

A renowned provider of cybersecurity services in the Philippines, Netrust Philippines Corporation, has partnered with IDmission to provide improved security solutions to its clients in the Philippines and the wider ASEAN market. Due to increased cyber risk, digital transformation and remote work became the norm in many firms during the past year as a result of the pandemic.

“In this age of digital transformation, it is imperative for leaders to put a digital-first approach to stay competitive. As such, we in Netrust, whose main focus is on securing Identities, are thrilled with our partnership with IDmission, a leader in the eKYC and identity proofing space. This partnership will complete our Identity portfolio and allow us to provide the best technology for a seamless customer onboarding journey. Our partnership will provide that competitive edge for our clients to serve their own customers in the most efficient and secure manner,” said Ms. Jennifer Tongco, CEO of Netrust Philippines Corporation.

Using standard compliant security, passive liveness biometrics, artificial intelligence, and industry expertise, IDmission creates a seamless end-to-end encrypted identity verification procedure.

Because of this partnership, Netrust’s security will improve to the next level protecting the digital identities, applications and data of all of its clients. To combat the threat posed by increasingly sophisticated cyberattacks, new and more complex detection systems are needed. IDmission’s biometric identity verification system uses biometric identifiers to increase security, speed up the verification process, and prevent attackers.

“IDmission has been serving customers in the Asia Pacific for a few years. The Netrust partnership is a big step in the direction of providing new and existing customers better access to state-of-the-art identity technology and local support.” says IDmission CEO Ashim Banerjee,

Omada and SecZetta Collaborate to Decrease Threat of Third-Party Breaches

Omada, a worldwide provider of Identity Governance and Administration (IGA) solution announced an integration with SecZetta, a leading provider of third-party identity risk management solutions. Companies will be able to minimize the risk of third-party data breaches as a result of the integration.

SecZetta delivers easy-to-use, purpose-built third-party identity risk solutions to assist organizations in implementing risk-based identity access and lifecycle strategies for third-party non-employee populations such as contractors, supply chain, suppliers, partners, bots, and more. SecZetta information on managing third-party identities, onboarding, role changes, contract extension, termination, and identity risk management is used by Omada to help third-party users make better access decisions.

Companies are in danger because of this absence of protocol with non-employees; an estimated two-thirds of data breaches nowadays are caused by a third party. Businesses require a way to track and manage all of the people and things who have access to corporate systems. SecZetta uses a collaborative onboarding process to gather contextual information on third-party non-employees, which it then sends to Omada for providing and de-provisioning of access, as well as identity governance and access for SecZetta’s customers.

“Organizations are hyper-focused on adopting Zero Trust policies in the hope of reducing the risk of access-related cybersecurity incidents. Our integration with Omada enables organizations to extend the diligence they have around providing least privilege access to employees to their riskier, non-employee users,” said Jeremy Rohrs, Senior Vice President of Global Sales & Business Development, SecZetta.

“With most organizations today relying on third parties to achieve business goals, it’s critical to get access management right. It’s a balance between security and productivity – and that’s what this integration provides. Organizations can work confidently with non-employees, knowing they are all fully accounted for without creating a drag on IT resources,” said Michael Garrett, CEO, Omada.

SentiLink Identity Verification startup raised $70 million in Series B funding

SentiLink announced that they have raised $70 million in Series B funding, led by David Sacks of Craft. The funds are already being used to develop new products, beginning with the launch of “KYC Insights” product at the end of September, as well as to research new fraud issues such as credit washing, J1/F1 fraud, and the laundering of stolen public benefits funds. And as new issues arise with their partners, they will address them as well.

Identity verification is especially bad in the United States. The SSN is the United States’ national identifier, which is supposed to be unique and secret but is neither. Citizens’ identification cards are rarely used and are easy to fabricate. Organizations spend a lot of time and money on this problem, but fraud persists, and honest people are subjected to unnecessary friction and false positives.

SentiLink believes that determining whether someone is who they claim to be can and should be simple and effective. Organizations should be able to detect and prevent fraud in such a way that consumers are unaware. It should be simple, inexpensive, and functional.

SentiLink announced that they’ve raised $70M in Series B to make this vision a reality, led by David Sacks at Craft. The company is already using these funds to develop new products, starting with the launch of our “KYC Insights” product at the end of September, and to research new fraud issues, like credit washing, J1/F1 fraud, and the laundering of stolen public benefits funds.  And as they discover new issues with our partners, they will tackle those as well.

SecurEnds Raises around $21 Million in Series A Funding to Democratize Identity Management and Cloud Governance

SecurEnds, a cloud-native Identity Governance firm, announced that it has raised around $21 million in a Series A round led solely by Elephant. The investment follows a 340 percent rise in annual recurring revenue y-o-y, making it one of the largest A-rounds in Atlanta’s expanding cybersecurity and digital startup sector to date. SecurEnds, which was formerly self-funded by its founders, today has approximately 100 customers and maintains important technological and reseller connections all around the world.

SecurEnds automates user access reviews, entitlement audits, access requests, and segregation of duties for the world’s most forward-thinking enterprises. The platform helps firms save time and money on adoption and maintenance while lowering audit expenses by up to 60%. The funds will be used to increase operations and product development, as well as geographic expansion into untapped regions across Europe and Asia, in order to fulfil the fast increasing demand. 

“We’ve built the industry’s first fully-cloud-native and configurable Identity Governance platform, empowering organizations to secure identities, protect against data breaches, and meet security and compliance needs. The platform’s ease of use allows organizations to rapidly build identity-driven cyber risk and compliance programs. We’re thankful to Elephant for embracing our vision of democratizing Identity and Cloud Governance and look forward to working together as we continue to scale,” said Tippu Gagguturu, co-founder and CEO of SecurEnds.

SecurEnds plans to roughly increase its employment in the next 12 months, filling more than 125 sales, marketing, and product engineering positions in the US and around the world. Elephant Partners Jeremiah Daly and Christopher De Souza will join the Board of Directors as part of the deal.

“SecurEnds’ rapid growth over the past two years has been particularly impressive when considering the many challenges brought on by the COVID-19 pandemic and the highly competitive cybersecurity landscape. Both Chris and I believe Identity Governance is becoming more critical to businesses around the world and needs disruption. SecurEnds provides that disruption by delivering an innovative and elegant cloud-native solution that customers love. We are excited for a long and fruitful partnership that helps SecurEnds execute on their vision for the future of Identity Governance,” said Daly.

SecurEnds has created a versatile product based on AI and machine learning-enabled predictive analytics that outperforms incumbent legacy on-prem solutions in terms of ROI, time to value, and total cost of ownership. The cloud-native set of technologies integrates seamlessly with current customer applications such as Active Directory, ServiceNow, Ping, Workday, and Okta, among others, allowing businesses to meet their risk and compliance criteria.

“Customers gravitate to SecurEnds because we have simplified Identity and Cloud Governance by creating a business user centered product. We’ve carefully constructed our platform to have intuitive workflows that allow end-users without IGA expertise to meet compliance and security goals,” said Deven Reddy, co-founder and COO.

Cloud Security – Insights

Cloud security or cloud computing security includes a wide range of rules, applications and technological controls that are used to safeguard virtualized data, services, networks, applications and the other components of cloud computing infrastructure. There are 3 types of cloud as per service: Platform as a Service (PaaS), Infrastructure as a Service (IaaS), or Software as a Service (SaaS). Cloud security policies vary with the type of cloud used by an organization.

Types of cloud are

Private Cloud – It is used by single organization. In this all users of the cloud system are employees. It faces fewer attacks as compared to other types of cloud. Cloud security easily managed by security teams.

Public Cloud – This is opened to the general public and organization. This cloud infrastructure is used by cloud service provider to provide services like email and storage. The security policies are difficult to manage as the public is included which increases the chances of attacks.

Community Cloud – In this cloud infrastructure is shared by a number of organizations forming a community with a similar need. It is more secure compared to a public cloud.

Data Security

Data security is a component of cloud security that deals with threat mitigation. Providers and clients can use security tools and technology to create rules for accessing sensitive data. Encryption is one of the most powerful technologies that make data unreadable and useless for attackers. The most significant difference is that traditional IT models leaned significantly on onsite data storage. Building all IT infrastructure and frameworks in-house is costly and restrictive is what organizations have experienced. Cloud-based security has reduced system security update and maintenance expenses.

Flexibility

Whether an Enterprise firm is increasing or decreasing capacity, a cloud computing solution gives a company the security it needs. By scaling up an organization’s cloud solution as per the need of an organization results in avoidance of server crashes during the time of high demand. Then, once the high traffic period has passed the organization can cut back down to save money without compromising security.

Identity and Access Management

Cloud Security services provide Identity and access management (IAM) service with secure verification methods like two-factor authentication. They have firm control over user’s access. End-user activity can be monitored and analyzed in real-time with the help of cloud security to discover anomalies that depart from normal usage patterns, such as logins from new unknown IP addresses or devices. These unusual behaviours suggest a system breach, so detecting them early helps in preventing attackers and allow security teams to address security issues before they cause havoc. The companies working in the leading cloud computing security solutions assist organizations in regulated industries like banking and finance in managing and maintaining infrastructures as per regulatory compliance of respective governments to secure the personal and financial data of customers.

Cloud Firewall

Security has evolved with the shift to cloud-based applications, resulting in the emergence of cloud firewalls. Cloud firewalls, like traditional firewalls, control and monitor the flow of data between outside domains and company’s internal system. Cloud firewalls provide real-time monitoring and analyze what information is passing between those source domains and data ports and allowing or preventing information flow based on a set of security rules created by security teams preventing the potential attacks.

In today’s digital world, it is difficult to find a company that does not use cloud service or applications based on cloud service. With this, the cyber criminals have started targeting cloud systems. The majority of attacks on cloud systems are because of the extensive amount of data they store which can be utilized and damages an organization’s reputation if stolen. This has resulted in the majority of organizations giving equal importance to cloud security.

Identity and Access Management – All You Need to Know

Identity and access management (IAM) is a set of rules implemented using technical solution so that validated users in an organization are granted appropriate level of access to the required resources. IAM is a framework, which manages access to enterprise resources.

Identity – An identity is label or token which is used to recognize user. It is creation, modification and deletion of identities.
Authentication – It is process of verifying whether the user is who he/she claims to be.
Authorization (user access) – It is a process to determine whether an authenticated user is permitted to access a specific resource.
In today’s changing world, IAM is critical. The ongoing process of controlling who has access to what information plays vital role. IAM is responsible for the management of users’ (employee or client) identities. In sharing of data and information, secure user access is critical. Furthermore, electronic data is becoming increasingly important to most businesses. As a result, access control must meet increasingly stringent criteria – a problem that is often addressed by implementing strong authentication. Identity and access are two crucial concepts in IAM that must be handled by an organization. Companies are increasingly dependent on digital tools to do these tasks.

Some Noteworthy Features of IAM are –

  • Centralized Directory service – It is one of the fundamental building blocks of IAM solution. A directory service is a centralized database of information that is structured and defined by a unique identifier. It makes the identity storage and verification process seamless across multiple platforms.
  • User Life cycle – IAM creates life cycles of employees and clients of an organization based on their behaviour patterns and access rules defined. It helps to detect threats.
  • Single Sign-On – IAM solutions support SSO. Single Sign-On (SSO) with a single set of credentials allows employees or clients of an organization to access multiple applications quickly. It eliminates the need to remember several sets of passwords making it more user friendly.
  • Scalable and Flexible – IAM solutions are able to scale up and down efficiently as per the requirement of an enterprise firm. They are scalable enough to manage the need of small firms with less than 100 user or large organizations with millions of users. IAM solutions give companies choice of deployment either on-premise servers or cloud with configuration changes.
  • Multi-Factor Authentication – Multi-Factor Authentication systems use two or more methods to verify the user’s identity. It uses information like biometrics, location, OTP to confirm the user’s identity. Organizations use advanced MFA to protect their employee or client’s connections to corporate networks or cloud applications. MFA greatly reduces the risk of a security breach, and confidential data is kept secure.
  • IAM control – Administrators can authorize who can work on specific resources using Identity and Access Management (IAM), giving them complete control and visibility of the company’s cloud resources. IAM offers a cohesive vision of security policies across the entire company, with built-in auditing to simplify compliance procedures for businesses with diverse corporate networks. IAM gives administrators the ability to grant fine-grained access to cloud services.
  • Government Law – State and Central government laws in various countries require companies who work with Personal or Identity-related information like financial information to use secure and robust Identity and access management solutions. In crucial sectors like banks, it is mandated by law to meet certain compliance guidelines.
  • Security – The beauty of the IAM system is its ability to show you what threats your company is facing. It detects and raises alert if the user’s behaviour deviates from usual activity. e.g. an attempt to access unauthorized resource or login from a different location. IAM takes action like account locking for failed login attempts. To make this possible IAM tools use big data analytics based on key metrics to manage.

Identity and Access Management solutions are used by all organizations. It is difficult to imagine an organization without an IAM Solution. With increasing number of devices, applications and users IAM software have great future with growing a market.

User Authentication – An Overview

Definition – User Authentication is the process of verifying a user’s identity to allow access to confidential data or systems. The word ‘Authentication’ means “genuine or real”.
Identification – User must prove who he is.
Authentication – User must prove he is who he says he is.
Authorization – User must prove he is allowed to do what he is trying to do.

There are two core components of user authentication-
1) Information used for authentication – Password, fingerprint etc.
2) Software used for authentication.

Identity Management Tools

Identity management in an organization is about defining and managing the roles and access privileges of users to a variety of cloud and on-premises applications. Customers, associates, and staff are all examples of users. Devices are laptops, servers, computers, routers, smartphones. The core objective of Identity management systems is one digital identity per person. After establishing digital identity, the task of modifying, maintaining and monitoring throughout all employee’s or device’s access lifecycle. The maximum applications have a built-in tool for user authentication (login and authentication) and therefore some companies do not require any specialized authentication tools. Cloud-based based IAM solutions not just permit clients to do authentication from anytime anyplace, they additionally give the detailed reports on analytics, access rules and policies to genuinely automate identity access and management across the enterprise.


Role Based Access Management

“Access” means what data an employee/client can see and what actions they are allowed perform once they log in. The concept of granting permissions to employees based on their position within an organization is known as Role-Based Access Control (RBAC). It provides an easy, manageable, and error-free approach to access management and companies can easily comply with legislative and statutory criteria for confidentiality and privacy more effectively. Third-party users or clients can be integrated by assigning them pre-defined roles.


Enterprise Single-Sign-On (ESSO) Solutions

With a single set of credentials, the Single Sign-On (SSO) approach allows employees or clients of on organization to access multiple applications quickly. It eliminates the need to remember several sets of passwords, resulting in a more seamless experience. Enterprise SSO has expanded its scope to all IT resources. Single Sign-On is cloud-based, making it simple to set up and allowing it the flexibility to scale as per the need of client’s organization.


Multi-Factor Authentication Solutions

Multi-Factor Authentication systems offer a wider range of authentication methods than passwords alone, like biometrics, location, OTP, additional passwords, device-based confirmation or behavior-based information to confirm user’s identity. Organizations use advanced MFA to protect their employee or client’s connections to corporate networks, VPNs, and cloud applications. Admins monitor who is accessing which network areas, from the central management console and produce comprehensive reports on account use to reduce risk. MFA greatly reduces the risk of a security breach, and confidential data is kept secure. State and Central government laws require companies who work with Personal or Identity related information like financial information to use secure and robust user authentication systems. In Certain sectors like banks Multi-Factor Authentication is mandated by law to meet certain compliance guidelines.


Risk Based Authentication Solutions

Risk-based authentication (RBA) aids in the prevention of security breach by assessing the level of risk associated with each financial transaction and the level of customer authentication needed for the organization. RBA systems analyze millions of users’ connections to check data parameters like the customer’s IP address, device, location, time to assess the risk. The crux of RBA lies in ability to reduce hassle for customers without compromising security and it gives company a big competitive advantage.

Credential Management Systems (CMS)

A central feature of the CMS architecture is centralized password management. CMS integrates with PKI components to provide IT departments with a unified solution for issuing and managing credentials for a wide range of devices, including smart cards, smartphones, USB keys, laptops, and desktop computers.