BIO-key Blog

Josef Stalin is supposed to have once said, “I trust no one, not even myself”. While murderous dictators are normally not reliable sources of useful information, this quote properly summarizes the essence of the Zero Trust architecture, which the National Institute of Standards and Technology (NIST) defines as:

“The term for an evolving set of cybersecurity paradigms that move defenses from...

Moving Away from Passwords

The use of passwords – the traditional method for employees and customers to access networks, applications, data sources and other elements of the IT infrastructure – is the most common method of authentication. They have the advantage of being easy to implement, they are cost-effective, they can be entered from virtually any device with a keyboard, and they offer...

Another day, another data breach. As we have experienced, organizations being a victim of data breaches are no longer a matter of "if" but "when". Day after day, more and more organizations are falling victim to cyberattacks, like the recent 2021 attacks on the Colonial Pipeline which affected gas stations all throughout the East Coast into Texas and the JBS Meat Factory cyberattack. These...

Recent cyberattacks have targeted hospitals, crippling systems for weeks and disrupting patient care.  Over the past several weeks, hospitals in Ireland, New Zealand, and San Diego have been hit by ransomware attacks that have disrupted systems for periods lasting as long as several weeks. Ransom demands for healthcare breaches currently average $4.6 million. 

Ever since the COVID-19 pandemic hit a lot of offices, many organizations have migrated to a fully remote or a hybrid workforce. Regardless, a lot more employees and users find themselves in a more digital environment than before, so improving digital user experience has been a priority for some. Say, for example, you’re an average office worker or student trying to access your work. You wait for...

While the topics of multi-factor authentication (MFA), Zero Trust, and other cybersecurity measures are discussed at great length across all industries, are they being implemented? With the recent explosion of ransomware attacks going after our critical infrastructure and disrupting our daily lives, you would think that cybercriminals are getting past all of these security measures using complex...

Single Sign-On (SSO) is a constant talking point. You must have seen articles touting the benefits of SSO. Of course, we are in no way innocent either. SSO enables users to authenticate multiple applications and websites by logging in only once with a single set of login credentials. In other words, SSO provides simplicity in an authentication world that can be unnecessarily confusing....

On May 7, a cyberattack on Colonial Pipeline forced the shutdown of the East Coast’s largest gasoline pipeline, disrupting gas supplies for several days. Cyberattacks have become increasingly common and this latest breach highlighted the vulnerability of the country’s critical infrastructure.

There are numerous options for Identity and Access Management (IAM) software in today's market. The wealth of information available from vendors provides ample resources for self-guided research, but it also makes it difficult to separate marketing messaging from the explicit answers you need to evaluate and make an informed decision. This post side-steps any feature/functionality checklists and...

Cybersecurity Challenges in the Classroom

Even though the coronavirus pandemic is more under control than it previously was, today's classrooms are still digital, and students are migrating to more online services like their Learning Management Systems (LMS) to checking their report cards or financial information. While talking about login password security might sound funny to talk about in a...

In 2019, US companies had an average turnover rate of 22%, and the retail and wholesale industry saw the highest average voluntary turnover rate, followed by contact center and customer service, manufacturing and operations, and sales.

However, employee turnover is not just an HR issue, companies can also face increased cybersecurity risk through substantial losses as a result of IP theft. The...

The collective government sector, including state and local governments, municipalities, city councils, local law, and federal, and other government entities continue to be a target for cyberattacks. Unfortunately, in 2021, there continue to be more cyberattacks, with more future threats on the horizon. According to a recent article on ZDNet, in 2020 the government sector had 16% of the total...

Why has the education sector become a key target for cyberattacks? Threat actors have increased their cyber security threats against the education sector and institutions for numerous reasons. Let's go over them.

Secure access needs to be given to all applications, regardless of the type of application it is and where it is located – on-premises or in the cloud. However, the larger and more critical the application is, the more complicated and challenging it can become to secure access to it.  

I’m going to be very frank: a LOT of questions come through the support team here at PistolStar, Inc. That’s not a bad thing – in fact, I love it! Questions keep me going, and I like to see what customers and prospects can come up with. A good ‘stumper’ goes a long way! Moving forward, I will be taking a look at the most popular or frequent questions that come through the support desk, and...

While I thought the conversation started 10 years ago, as early as 2004 we’ve been talking about the de-perimeterization of our cybersecurity thinking. Regardless of when the conversation started, there are clear recommendations to move cybersecurity strategies away from the concept of a defined security perimeter, often designated by the corporate network, with everything outside the network...

Even though companies worldwide are struggling to protect systems and data from incessant waves of cyberattacks—there seems to be no end in sight. With the release of the FBI’s Internet Crime Report 2020, it is apparent that cybercriminals took advantage of the impact of the pandemic while many of us were distracted with trying to figure out our “new normal” and the technology we require to...

Due to the novel coronavirus pandemic throughout 2020, many businesses were required to have their employees work from home, and even with the vaccine rollout and a small beam of normalcy, many will continue to work remotely. In a recent Gartner CFO survey 74% of CFOs report that they plan to shift some employees to permanently work remotely.

Like the blog? Read the whitepaper!

Most portals are designed for their function and only provide the basics when it comes to security, but with the increase in cyberattacks, this is no longer enough. 

Hackers are a blight on the digital scenery where we all spend most of our time, and phishing attacks are one of the oldest tricks in the book. Whether it’s at work or home, modern technology has made the digital world all but necessary. In this environment, hackers and malicious users are the banes of each admin and end-user attempting to get things done. Amid the recent pandemic, the leaches...

Stepping Away from the Static

Even in 2021, in a world where authentication is a large part of cybersecurity measures, the password has still become the cornerstone for accessing websites, applications, and other common logins. In the recent Raconteur publication, "Future of Authentication", they report that Username/Password is still a key identity and access management (IAM) service in 73% of...

While there are key benefits to moving to a cloud-based IAM solution, not all of them are created equal when it comes to their support for various applications and environments. Although the great “cloud migration” is underway, your environment is probably like many organizations – a hybrid. A mix of cloud, on-prem and even “legacy” applications are still in use. With many IDaaS solutions solely...

The pressure to find or update your IAM solutions is at an all-time high. But when faced with this pressure, you may be choosing an IAM solution that delivers unexpected costs in overhead and licensing fees.

According to Gartner, Inc., by not looking at alternative or even open-source options you could be missing out on as high as 25% savings in your IAM budget.

When rushing to find an ...

Identity and Access Management (IAM) is not a new concept or one that many organizations don't already have as part of their security strategy. However, with the evolving threats and constant changes brought on by digital transformation, customer expectations, and even an unexpected pandemic, the need to be able to adapt is more critical than ever.

What is Password Fatigue?

Everyone hates passwords, but what most users hate about them is how many they have to remember. In many organizations it has become a requirement to have different complicated passwords for different applications that store valuable and confidential data. So if you have ever just felt overloaded with tons of passwords from work, personal finance, or your Netflix...