Bangalore: April 11 ,2023, is Identity Management Day. This day was established in 2021 via the partnership between the National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), to be held on the second Tuesday of April, as a day of awareness to educate business leaders, IT decision makers, and the general public about the importance of identity management.
Business News This Week caught up with Mr Karmendra Kohli, CEO and Director of SecurEyes, who spoke about the importance of every individual to protect their online data and a few do’s and don’ts that everyone must follow. SecurEyes is a pure-play cybersecurity consulting, services and products company that also provides cybersecurity training and education.
Excerpts of the interview:
Business News This Week (BNTW): What is meant by Identity Management? What does it involve?
Karmendra Kohli: Identity Management, in layman’s terms, is the process of managing an individual’s digital identity. It involves making sure that only the right people have access to the right resources/ information at the right times. This includes setting up secure logins and passwords, controlling access levels, managing user profile information, and ensuring all users follow the correct security protocols. Identity Management also involves auditing user activity, monitoring access rights and privileges, and ensuring compliance with company policies. As an IT discipline, Identity management is the process of managing digital identities, which includes authenticating, authorizing, and tracking user access to information systems. It involves managing identities throughout the entire lifecycle of an individual’s usage of a system, from the initial registration process to the periodic authentication checks that occur when a user logs in. Identity management also involves managing the user’s access to data, applications, and other services within the system. This includes granting and revoking access privileges, auditing user access, and ensuring compliance with corporate policies. Additionally, identity management can involve monitoring user activity and creating reports to ensure that all access privileges are being used properly.
BNTW: Why is Identity Management important? Why does it take place in April? Any relevance?
Karmendra Kohli: This day was established in 2021 via the partnership between the National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), to be held on the second Tuesday of April, as a day of awareness to educate business leaders, IT decision makers, and the general public about the importance of identity management. Identity Management is important to everyday digital media users because it helps protect their online data, including their personal information. It also helps protect their accounts from being hacked, stolen, or misused. Identity Management helps users make sure their online accounts are secure, so they can confidently use digital media without worrying about their data being compromised.
The relevance of Identity Management Day for people is that it provides an opportunity to educate people about the importance of protecting their personal information. It also serves to remind people of the need for strong password practices, the importance of regularly updating their security settings, and the need for caution when sharing data online. Additionally, it allows people to be aware of the legal implications of sharing their data and the potential for identity theft.
BNTW: What are the do’s and don’ts for the common person to keep their Identity in check?
Karmendra Kohli: A basic list of Do’s and Don’ts would be as follows –
• Keep your personal information secure and private.
• Use strong passwords and change them regularly.
• Use two-factor authentication whenever possible.
• Be diligent about updating your software and antivirus programs.
• Monitor your credit report regularly for any suspicious activity.
• Be careful about what you share online.
• Use secure Wi-Fi networks whenever possible.
• Consider a privacy-focused search engine like DuckDuckGo.
• Shred or otherwise destroy documents containing personal information.
• Lock your devices when not in use.
• Don’t use the same password for multiple accounts.
• Don’t give out personal information online or over the phone.
• Don’t click on suspicious links or open emails from unknown sources.
• Don’t use public Wi-Fi or unsecured networks.
• Don’t store personal information on public computers or devices.
• Don’t post personal information on social media sites.
• Don’t carry around documents with personal information.
• Don’t respond to phishing emails.
• Don’t use the same PIN for all your accounts.
BNTW: How can identity management help consumers to protect against online scams and cybercrimes?
Karmendra Kohli: There are three human triggers that cyber criminals use when targeting victims –
1. Curiosity: Cyber criminals often use curiosity as a tool to get users to click on malicious links or download malicious software. For example, by sending an email with a subject line that is too good to be true, or by using enticing language such as “You won’t believe what you see,” or “Click here for a free gift.”
2. Fear: Cyber criminals may use fear as a way to get users to act quickly and without thinking. For example, an email might be sent warning of a virus that has been detected on the user’s computer, or a threat of a data breach.
3. Greed: Cyber criminals may use greed to get users to part with their money or personal information. This could be done by offering a ‘too good to be true’ investment opportunity, or by offering free products or services that require the user to provide their credit card information.
Identity management can help consumers protect against these kinds of online scams and cybercrimes by introducing extra layers of security to their accounts. Through identity management, consumers can set up multi-factor authentication, which requires additional verification steps such as second-factor authentication or biometrics to confirm the user’s identity before allowing access to an account. Additionally, identity management can also provide real-time notifications of suspicious activity, alerting consumers to potential scams or cybercrimes targeting their data. By using identity management, consumers can create stronger security protocols and protect their data from malicious actors.
BNTW: What kind of risks are involved in sharing one’s identity on open platforms?
1. Identity Theft: Sharing personal information online could lead to identity theft as hackers or malicious individuals could access your data and use it to gain access to your financial accounts or other sensitive information.
2. Loss of Privacy: When you share your identity on open platforms, you are essentially giving away your privacy. You may not be aware of who is viewing the information you have shared and what they may be doing with it.
3. Phishing Scams: When you share your identity, you are giving criminals an opportunity to target you with phishing scams, which involve sending emails or messages that appear to be from legitimate sources but are actually attempts to steal personal information.
4. Cyberbullying: Cyberbullying is a growing problem, and if your personal information is shared widely, it can be used to target you with malicious messages or posts.
5. Spam: When you share your identity, you may start to receive more spam emails or messages from unknown sources.
6. Data Breaches: Open platforms can also be vulnerable to data breaches, which can result in the exposure of your personal information. This can lead to identity theft, financial fraud, and other cybersecurity issues.
BNTW: In the past, there have been high volumes of data breaches of identity. What steps should the Government of the country take to protect against such data breach?
Karmendra Kohli: According to the 2021 Norton Cyber Safety Insights Report, of 1000 respondents in the country, 36% of Indian adults detected unauthorized access to an account or device in the past 12 months. There are several laws in India that protect the consumer and consumer services from Identity Theft. However, this is an evolving space as threat actors keep changing their strategies and on the other side, systems, people and processes need to consistently educate and change to protect themselves. The Government of India has already initiated several task groups to create a comprehensive security plan at all levels.
BNTW: What is SecurEyes doing in terms of cybersecurity ? Share some information about your company
Karmendra Kohli: SecurEyes is a leading provider of cybersecurity services and solutions. Our mission is to help businesses protect their data, assets, and customers from cyber threats. We provide comprehensive and tailored cybersecurity solutions that help organizations protect their networks and data, detect and respond to threats, and ensure compliance. Our team of security experts have deep knowledge and experience across various technologies and industries, and have the capability to provide our clients with the best and most up-to-date security solutions and services. Our services include Network Security, Cloud Security, Endpoint Security, Identity and Access Management, Security Awareness Training, and Security Incident Response. We also offer Data Loss Prevention, Security Auditing and Compliance, and Security Monitoring and Management services. Our solutions are designed to meet the needs of any organization, regardless of size, industry, or budget.