Glossary

Identity Security

Identity security is a combination of approaches that individuals and organizations can take to protect customers, employees, and others from being victims of identity theft.

Terms related to Identity Security: Identity management, cybersecurity, multifactor authentication, two factor authentication, data breach, identity theft

Identity security exists to prevent identity theft. Identity theft occurs when a hacker obtains sensitive, personally identifiable information, and uses that data to impersonate another person for the sake of stealing from them, committing fraud, or otherwise engaging in criminal activities.

There are several ways that identity theft can occur, and different approaches for dealing with attacks.

  • Social Engineering and phishing — this happens when a person is convinced to provide sensitive personal login, password, and other information to a criminal. The criminal then logs in as that person and carries out their nefarious activities. You can defend against social engineering by using multifactor authentication, security algorithms, and other approaches. This should also be supported by training, so employees can recognize phishing attempts.
  • Data breaches — this happens when a criminal gets into a sensitive system and steals large amounts of data on customers, employees, or others. You can defend against this by regularly running vulnerability scans and penetration tests, and encrypting data when it’s stored in your systems or transmitted outside.
  • Malware — malware can install keyloggers and other malware onto a device that can capture important identity information from a user. You can defend against this by maintaining strong firewalls, running rigorous antivirus protection on all parts of the network, and training employees not to install unknown files.

Identity Security Resources from Crossmatch