BIO-key Blog

When we attended the EDUCAUSE Conference several weeks ago in Philadelphia, we learned about major changes and expectations from IT professionals in the education sector. Top IT issues included being cyber-everywhere, modernizing systems, and the move to the cloud. For 2022 and beyond, institutions are looking at new technologies and solving new challenges, which we've included below in our...

As the year ends, many of your employees, users, and customers are beginning to wind down and celebrate the upcoming holiday season. For the United States, the next holiday season is Thanksgiving, a celebration full of food and family gathering. However, the most iconic part of Thanksgiving is the stereotypical food that many families serve throughout the dinner: turkey, mashed potatoes,...

Multi-factor authentication has become a must-have for any cybersecurity strategy, yet getting customers, employees, and suppliers to use it has been a challenge. There is always that group of users or even CEO who does not want to use the authentication method IT administrators provide. But successful MFA relies on successful adoption.

IT directors and managers are now “change managers”,...

When the COVID-19 pandemic created a large shutdown worldwide around March of 2020, many organizations had to suddenly change their workforce model to support remote working; BIO-key included. Daily coffee chit-chats, quick meetings, and in-person conversations were pushed to Slack, Zoom, and other online video meeting services and asynchronous communication methods. 

As we have learned throughout Cybersecurity Awareness Month, the topic of cybersecurity was top of mind for everyone. The headlines throughout the year about cyberattacks especially ransomware on major organizations including Tyler Technologies, SolarWinds, Colonial Pipeline, JBS, and Kaseya heightened awareness around the possibility of an attack happening to anyone.

While removing passwords is the goal for IT leaders and security experts, as Microsoft recently announced, the replacements for...

October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. The theme for the month is ‘Do Your Part, #BeCyberSmart’. The goal of this focused month-long campaign is to support online safety and educate employees, customers, and users about digital privacy. Today, BIO-key is excited to announce its...

With PortalGuard, we offer both the ability have the users reset their password on their own. If you’d like to also configure the ability for the users to see their password instead of resetting it, that is available too. From the PortalGuard Admin Guide, which can be found here:

As we continue to see an overwhelming number of cyberattacks, it has become apparent that many organizations are underprepared for these threats. Security breaches are in the news on an almost daily basis, which makes it clear that many organizations need a stronger way to secure their data.Identity-Bound Biometrics (IBB) can provide an ideal solution for enterprises looking to combat...

Ambulances being re-routed. Postponed radiation treatments for cancer patients. Patient deaths resulting from delayed emergency treatment. 

As a tech nerd, few things pique my interest like the cutting edge. As the architect behind the IDaaS cloud infrastructure at BIO-key, I’ve had the pleasure and rare opportunity to build a system from the ground up that utilizes the latest design philosophies and toolsets available to the industry. What are these tools and what makes them different? Cloud Computing as a paradigm can have its...

The traditional method of authenticating to a network or endpoint uses a single factor – a combination of a username and password that the user enters to gain access. That approach is fraught with security problems, including the fact that users will generally use simple passwords that are easy for them to remember (and easy for bad actors to guess or determine through brute force techniques),...

Josef Stalin is supposed to have once said, “I trust no one, not even myself”. While murderous dictators are normally not reliable sources of useful information, this quote properly summarizes the essence of the Zero Trust architecture, which the National Institute of Standards and Technology (NIST) defines as:

“The term for an evolving set of cybersecurity paradigms that move defenses from...

Moving Away from Passwords

The use of passwords – the traditional method for employees and customers to access networks, applications, data sources and other elements of the IT infrastructure – is the most common method of authentication. They have the advantage of being easy to implement, they are cost-effective, they can be entered from virtually any device with a keyboard, and they offer...

Recent cyberattacks have targeted hospitals, crippling systems for weeks and disrupting patient care.  Over the past several weeks, hospitals in Ireland, New Zealand, and San Diego have been hit by ransomware attacks that have disrupted systems for periods lasting as long as several weeks. Ransom demands for healthcare breaches currently average $4.6 million. 

Ever since the COVID-19 pandemic hit a lot of offices, many organizations have migrated to a fully remote or a hybrid workforce. Regardless, a lot more employees and users find themselves in a more digital environment than before, so improving digital user experience has been a priority for some. Say, for example, you’re an average office worker or student trying to access your work. You wait for...

While the topics of multi-factor authentication (MFA), Zero Trust, and other cybersecurity measures are discussed at great length across all industries, are they being implemented? With the recent explosion of ransomware attacks going after our critical infrastructure and disrupting our daily lives, you would think that cybercriminals are getting past all of these security measures using complex...

On May 7, a cyberattack on Colonial Pipeline forced the shutdown of the East Coast’s largest gasoline pipeline, disrupting gas supplies for several days. Cyberattacks have become increasingly common and this latest breach highlighted the vulnerability of the country’s critical infrastructure.

There are numerous options for Identity and Access Management (IAM) software in today's market. The wealth of information available from vendors provides ample resources for self-guided research, but it also makes it difficult to separate marketing messaging from the explicit answers you need to evaluate and make an informed decision. This post side-steps any feature/functionality checklists and...

Cybersecurity Challenges in the Classroom

Even though the coronavirus pandemic is more under control than it previously was, today's classrooms are still digital, and students are migrating to more online services like their Learning Management Systems (LMS) to checking their report cards or financial information. While talking about login password security might sound funny to talk about in a...

In 2019, US companies had an average turnover rate of 22%, and the retail and wholesale industry saw the highest average voluntary turnover rate, followed by contact center and customer service, manufacturing and operations, and sales.

However, employee turnover is not just an HR issue, companies can also face increased cybersecurity risk through substantial losses as a result of IP theft. The...

The collective government sector, including state and local governments, municipalities, city councils, local law, and federal, and other government entities continue to be a target for cyberattacks. Unfortunately, in 2021, there continue to be more cyberattacks, with more future threats on the horizon. According to a recent article on ZDNet, in 2020 the government sector had 16% of the total...

Why has the education sector become a key target for cyberattacks? Threat actors have increased their cyber security threats against the education sector and institutions for numerous reasons. Let's go over them.

Secure access needs to be given to all applications, regardless of the type of application it is and where it is located – on-premises or in the cloud. However, the larger and more critical the application is, the more complicated and challenging it can become to secure access to it.  

While I thought the conversation started 10 years ago, as early as 2004 we’ve been talking about the de-perimeterization of our cybersecurity thinking. Regardless of when the conversation started, there are clear recommendations to move cybersecurity strategies away from the concept of a defined security perimeter, often designated by the corporate network, with everything outside the network...