|Features include registering, identity proofing, screening, credentialing, authenticating, reporting and notification management
SureID has announced the launch of SureID Certified Enterprise, a high-assurance identity that provides configurable identity assurance for organisations of all sizes across government and private enterprise. With the ability to integrate into an organization’s existing systems, SureID offers identity solutions to enhance an organization’s confidence that it knows its third-party vendors and contractors who access critical systems and physical locations.
Rise in cybersecurity incidents
According to a 2016 independent study conducted by the Ponemon Institute titled “Data Risk in the Third-Party Ecosystem,” 75 percent of businesses said cybersecurity incidents related to vendors are increasing. The study also indicated that almost 50 percent of the respondents stated their organisation experienced a data breach caused by a vendor. Not only are data breaches prevalent, they are costly. The “2016 Cost of Data Breach Study: Global Analysis” from the Ponemon Institute concluded that the average total cost of a data breach grew this year from $3.8 million to $4 million per incident.
“SureID has provided best in class, high-assurance identities for the Department of Defense and its contractors for the past 15 years,” said Steve Larson, chairman and CEO of SureID, Inc. “We are now introducing our high-assurance identity to commercial enterprise and other federal customers. Whether a company needs a PIV-I solution to meet government compliance requirements or manage their vendor and contractor employee populations, or both, SureID Certified Enterprise offers the identity solution to meet a company’s needs.”
The SureID Certified Enterprise identity solution includes:
- SureID Certified Enterprise: For medium and large-sized businesses needing a high-assurance identity for vendors and contractors. This identity can integrate within a commercial enterprise organisation’s existing credential or identification badge system. SureID Certified Enterprise also includes a thorough background screen that can offer ongoing monitoring to an identity on a subscription basis.
- SureID Certified Management Portal: The portal offers full credential lifecycle management for third-party vendors and contractors. Features include registering, identity proofing, screening, credentialing, authenticating, reporting and notification management. The portal also provides real-time revocation allowing system administrators to status check and immediately revoke any credential.
- SureID Certified API: The Application Program Interfaces (APIs) integrate to existing enterprise identity and access management (IAM) systems, as well as to logical and physical access controls.
- SureID Certified PIV-I: For government contractors, the new streamlined SureID Personal Identity Verification-Interoperable (PIV-I) federated solution can integrate within an organisation’s existing infrastructure, enable multifactor authentication and provide trusted access through the federal bridge. This trusted identity can also help Department of Defense (DoD) and other federal government contractors to achieve NIST SP 800-171 compliance.
Advanced vendor management systems
Industry analysts have also called attention to the need for advanced vendor management (VM) systems. Christopher Ambrose, research vice president at Gartner, commented that “Although regulatory pressures are growing, improving VM should not just be a response to regulations, but rather a desire to apply a better and more standardized discipline to the management of the life cycle of vendor relationships.” Ambrose went on to predict that “by 2017, CIOs will develop vendor relationship skills as a top-five competency to extract business value and innovation from strategic vendors.”*
*Gartner, 2015 Strategic Roadmap for Vendor Management, October 21, 2015