A lot of businesses haven’t got time to spend on implementing good Identity Security practices. And a bigger issue is that they don’t know where to start. A good example of this is password management. I’ve had sessions with smaller businesses who think they’re doing the right thing. They’re using a “Password Manager” to stopContinue reading “(Video) Should you let your staff use In-Built Browser Password Managers?”
Category Archives: Security
Mastering Advanced App-Onboarding with Entra
One of the services we offer at Assertiv is application onboarding. This is a unique area of specialisation, as complexity can wildly differ from application to application. We’ve seen customers get burned when they assume their use-case is straight forward. In this blog, I want to show you a unique use case on the moreContinue reading “Mastering Advanced App-Onboarding with Entra”
Securing Guest Trust: Identity Security as a Hospitality Business Imperative
The hospitality industry encompasses a vast ecosystem of businesses dedicated to customer satisfaction and memorable experiences, which includes restaurants, cruise lines, theme parks, casinos, travel agencies, event venues, and hotels. Over the past decade, these sectors have undergone radical digital transformation to meet evolving customer expectations, optimise operations, and maintain competitive advantage. From contactless paymentsContinue reading “Securing Guest Trust: Identity Security as a Hospitality Business Imperative”
Checking In Securely: How IAM Keeps Hackers Out of Your Hotel
The Cybersecurity Landscape in Hospitality The hospitality industry has rapidly embraced digital transformation to enhance guest experiences, streamline operations, and remain competitive in a global marketplace. From digital key cards and automated check-ins to interconnected IoT devices and sophisticated reservation systems, hotels are increasingly becoming technology-driven enterprises. While this digital evolution has brought unprecedentedContinue reading “Checking In Securely: How IAM Keeps Hackers Out of Your Hotel”
Why Shadow IT is the Enemy of Identity Security
Today, we are spoiled for choice when it comes to the tools we use to do our jobs. Startups are constantly innovating, providing us with new ways to solve complex problems. One of the most common mediums for delivering these tools is Software-as-a-Service (SaaS). It’s almost too easy. You’re only ever one registration form awayContinue reading “Why Shadow IT is the Enemy of Identity Security”
Superannuation Cyber Breach in Australia, Prevention and Mitigation Techniques
What do we know about the cybersecurity breach against superannuation providers in Australia? Last week, funds were stolen from a small number of superannuation accounts along with personal information stolen from many more. We’ll take a look at the attack and provide some feedback on how this could have been prevented or mitigated. We areContinue reading “Superannuation Cyber Breach in Australia, Prevention and Mitigation Techniques”
Role of IAM in Cybersecurity Frameworks — An Australian Context
On 12 March 2025, Australian Securities and Investments Commission (ASIC) lodged a lawsuit against FIIG Securities Limited for failing to have adequate cybersecurity measures for a prolonged period of time. This marks a significant milestone in the Australia’s cybersecurity landscape as it shifts cyber incidents from being just IT issues to regulatory and legal obligations of directorsContinue reading “Role of IAM in Cybersecurity Frameworks — An Australian Context”
Permission Creep – The Hidden Threat in Your Organisation
Permission Creep (also known as Privilege Creep) ranks highly as a cyber threat for any organisation. It typically occurs when staff change roles and nobody bothers to remove their existing access (but read on, as it can materialise in lesser known ways too). It’s also avoidable in almost all cases. The risk of permission creepContinue reading “Permission Creep – The Hidden Threat in Your Organisation”
How Do Organisations Protect Service Accounts?
In today’s complex IT landscape, service accounts play a crucial role in automating and facilitating system-to-system communication. However, their inherent design also presents significant security risks that organisations must address. Unlike user accounts, service accounts typically do not support multi-factor authentication (MFA), making them particularly vulnerable to misuse. As system administrators often employ these accountsContinue reading “How Do Organisations Protect Service Accounts?”
Getting to Know the Identity Pillar of Zero Trust Architecture
Zero Trust Architecture (ZTA) is becoming a go-to framework for keeping our networks secure. It’s modern, and it throws away the idea that you can trust traffic that’s ‘on the LAN’. One of the most important parts of ZTA is the Identity pillar. Let’s break down what this means and why it matters for youContinue reading “Getting to Know the Identity Pillar of Zero Trust Architecture”