Latest news with #Authentication
Techday NZ
29-04-2025
- Techday NZ
World Password Day reminds us: It's time to rethink access security
Strong passwords are essential, but they're no longer enough. In today's threat landscape, the combination of a password manager and Multi-Factor Authentication (MFA) must become non-negotiable across all organisations. Password managers reduce the risk of reuse and human error, while MFA significantly decreases the chances of unauthorised access, even if credentials are compromised. Threat actors know that many businesses are falling short in implementing these security essentials. In the first three months of this year, Rapid7's Managed Threat Hunting team observed a significantly heightened number of password spray attacks aimed at discovering and compromising accounts not properly secured by MFA. The message is clear: MFA must be implemented, tested, and enforced wherever it's available. And even when it is, organisations must address emerging risks like MFA fatigue. Rapid7's Managed Detection and Response (MDR) team has observed a rise in push notification fraud, where attackers exploit inattentive users. To combat this, many MFA vendors now offer number matching, which helps users verify prompts before approving them. On this World Password Day, let's remember that passwords are just the first line of defence. If key systems don't support MFA, organisations should be pushing suppliers to make it a roadmap priority. Security isn't static. It requires ongoing vigilance and evolution. Follow us on: Share on:
Forbes
01-04-2025
- Business
- Forbes
Proactive Steps For Healthcare CIOs Amid Oracle Security Concerns
Oracle informed some of its healthcare customers about a breach earlier this year. A separate incident report indicates hackers accessed Oracle servers and have access to sensitive data. The hacker claimed to have data that contained the following: Oracle has not publicly responded to the incident yet, but healthcare CIOs who are Oracle customers must take the following steps now. CIOs must work with their organizations to reset all single sign-on and LDAP passwords, prioritizing privileged accounts such as system administrators. This is an opportunity to remind everyone of the policy, emphasizing strong passwords and the need for every organization to have Multi-Factor Authentication (MFA) in place. Technology leaders must work with Oracle to regenerate and replace all compromised JPS and JKS keys to prevent unauthorized access to Oracle Enterprise Manager. Unfortunately, this exercise will cause business disruption and downtime. The organization's system administrator must thoroughly analyze authentication logs, system access records, and other relevant logs to detect unauthorized activities or anomalies within the network environment and the Oracle instance. Real-time monitoring solutions should also be deployed to continuously detect and respond to suspicious activities. Access controls should be reviewed and tightened according to the principle of least privilege to minimize potential attack surfaces. Two security basics have to be part of IT's DNA. The IT system administrator must perform routing Patch Management: Ensure all systems are updated with the latest security patches to protect against known vulnerabilities. The Oracle incident stems from the speculation that exploited a vulnerability in the Oracle Access Manager. Every security incident is a learning moment. Organizations must swiftly educate employees about the critical importance of cybersecurity. Use the incident to reinforce best practices such as creating strong passwords, recognizing phishing attempts, and staying vigilant online. By turning these events into opportunities for education, CIOs can strengthen their organization's defenses and embed security awareness into the culture at every level. CIOs must actively partner with marketing and legal teams to plan the next steps. They should prioritize internal communication by promptly informing all relevant stakeholders about the breach, outlining the actions underway, and clarifying any steps employees must take. At the same time, communication leaders must prepare for external communication to patients—and possibly Health and Human Services—if the breach affects more than 500 individuals, as required for covered entities. This stage may also be the right time to activate the organization's cyber insurance policy to ensure full compliance with all protocols and avoid missing critical steps in the response process. At this stage, with Oracle remaining silent on both incidents, healthcare CIOs must take a proactive stance. As third-party security risks continue challenging organizations, CIOs must strengthen their oversight and response strategies. These types of incidents are becoming increasingly common across the enterprise, making it critical to stay ahead of potential vulnerabilities.
Yahoo
12-02-2025
- Business
- Yahoo
Lydia Solutions Partners with Vonage to Revolutionize Security and User Experience Leveraging Network Capabilities
Enables seamless and efficient authentication using mobile network data HOLMDEL, N.J., February 12, 2025--(BUSINESS WIRE)--Vonage, a global leader in cloud communications helping businesses accelerate their digital transformation and a part of Ericsson (NASDAQ:ERIC), today announced that Lydia Solutions, one of Europe's fastest-growing mobile financial services platforms, has enhanced its security and customer experience with Vonage's powerful Verify API and Silent Authentication powered by the network. By leveraging the solution, Lydia Solutions has protected the data and privacy of tens of thousands of users daily, and experienced improved customer conversion rates—setting a new standard for secure, effortless authentication. Elevating Security with Silent Authentication As a channel within Vonage Verify, Silent Authentication removes the need for traditional One-Time Passwords (OTPs). By automatically verifying users through their mobile network operators using data from their smartphones' data connection, authentication becomes seamless and efficient. Using Silent Authentication as a primary verification channel eliminates vulnerabilities to social engineering attacks, enabling Lydia Solutions users to safely authenticate with just their phone number, ensuring peace of mind for customers while improving customer experience with frictionless authentication. "Vonage Verify with Silent Authentication has been a real innovation for us," said William Brulin, senior VP at Lydia Solutions. "The solution has elevated our ability to deliver a simpler, seamless and more secure user experience while protecting against increasingly sophisticated threats and fraud patterns. With Vonage, we're safeguarding tens of thousands of users every day while improving conversions and reducing costs—a true win for both our customers and our business." Transforming the User Experience By adopting Vonage Verify, Lydia Solutions has significantly improved the user experience for its customers. The API removes the need for manual OTP entries which are often prone to frustrating mistakes, and guarantees seamless authentication via Silent Authentication. If need be, it can failover to other secure methods like SMS, voice, or WhatsApp, minimizing disruptions and maintaining convenience for end-users. Key results since Lydia Solutions went live with Vonage Verify in October 2024, include: Enhanced user experience: Increased conversion rates. Significant time savings: Up to 50% reduction in latency when compared to Lydia Solutions's previous authentication services. Improved security: Social engineering attacks based on OTP sharing are virtually eliminated thanks to Silent Authentication. Improved total cost of ownership (TCO): Controlled authentication-related costs help maximize efficiency. "At Vonage, we're passionate about helping forward-thinking companies like Lydia Solutions create secure, user-friendly experiences," said Seckin Arikan, Head of Business Unit API at Vonage. "With Vonage Verify and Silent Authentication, we're thrilled to support Lydia Solutions's vision of delivering frictionless, reliable authentication that scales with its rapidly growing user base. By opening up the network's capabilities to build applications with advanced security features, we enable enterprises like Lydia Solutions to not only enhance their internal operations but also deliver enhanced value and trust to their end customers." Driving Growth as a Digital Banking Pioneer This collaboration comes at a pivotal time as Lydia Solutions continues to expand its footprint, aiming to become Europe's leading digital bank by 2030. With the recent launch of its mobile banking app, Sumeria, Lydia Solutions plans to grow its customer base in France to 5 million active users by 2027, particularly among young adults aged 18–34. By combining Lydia Solutions's innovative services with Vonage's advanced authentication solutions, the partnership paves the way for a secure, user-first approach to digital banking—positioning Lydia Solutions as a leader in Europe's competitive fintech ecosystem. For more details about Vonage Verify, visit About Vonage Vonage, a global cloud communications leader, helps businesses accelerate their digital transformation, providing a comprehensive set of engagement solutions to deliver richer, more personal and meaningful communications across the entire customer and employee experience. Vonage's Unified Communications as a Service (UCaaS) and Contact Center as a Service (CCaaS) solutions enable companies to transform how they communicate and operate from the office or anywhere. Vonage's Communications Platform as a Service (CPaaS) offering is fully programmable and allows developers to embed video, voice, chat, messaging, AI and verification into existing products, workflows and systems using communications APIs. Leveraging the power of the network, Vonage's CPaaS is expanding to incorporate new network capabilities exposed as APIs to help developers worldwide pioneer new, advanced applications that help enterprises reimagine their business, improve customer experiences, and create more effective engagements. Vonage is a wholly-owned subsidiary of Ericsson (NASDAQ: ERIC), and a business area within the Ericsson Group called Business Area Global Communications Platform. To follow Vonage on LinkedIn, visit To become a fan on Facebook, go to To subscribe on YouTube, visit About Lydia Solutions Lydia Solutions, the company behind the Lydia and Sumeria applications, is powered by 250 employees based in Paris, Nantes, Lyon and Bordeaux. When it launched in 2013, it undertook the mission of setting new standards for P2P payments, by offering an ultra-simple, secure, and universal payment experience. The company is a major player in the French financial technology landscape: it is listed in the FT120 programme and is backed by international investors such as Accel, Tencent, XAnge, New Alpha, Groupe Duval, and Founders Future, from whom it has raised €235 mm. View source version on Contacts Media Contact:Vonage Media RelationsMobile: +44 (0)207 785 8888Email:
