End of Year Shopping Frenzy: Are You Protecting Digital Identities this Festive Season?

Australia’s end of year shopping season is expected to be frantic, with Finder suggesting Australians will collectively spend $23.9 billion this festive season. That’s $6.6 billion more than last Christmas!

As spending continues to rise so does cybercrime, with dramatic consequences.

Retail remains one of the least protected industries against malicious actors. Thales’ Cloud Security Study identifies that 44 percent of retailers have been hit by ransomware in the past year, higher than any other industry. 

Encouragingly, it’s not because of a lack of investment in cybersecurity, rather a gap in where protection is most needed today. 

Digital identities: cyber frontier for the next decade of retail

The pandemic has increased the adoption of cloud, remote working, and online shopping, pushing security perimeters beyond physical walls. 

Retailers now operate in a completely ‘perimeter-less’ environment where employees, customers and partners can gain access to applications and systems using a digital identity. 

Digital identities – and the credentials that protect them – define how we work, live, and now also shop.

Every time someone attempts to connect to an organisation’s system, their digital identity needs to be verified and approved as safe and legitimate through appropriate levels of authorisation.

Addressing retailer’s weakest link: humans

As the OAIC pointed out in its data breaches report, human error remains a major source of breaches. 

This is worrying considering the retail industry’s struggle to retain staff and heavy reliance on temporary and part-time workers. While Retail is one of Australia’s largest employers, it has an average turnover of 41 percent each year, replacing staff every nine months, compared to the national average of just 16 percent.

This is making security and authentication extra challenging, with more third-party devices and digital identities to deal with.

Retailers can’t rely on traditional training and re-training to keep staff on top of security best practice. Instead, the emphasis needs to be put on cost-effective, super intuitive and easy to use tools that can be easily taken away from outgoing employees. 

Stronger Identity and Access Management, wrapped in a Zero Trust approach

Protecting thousands, if not millions of digital identities is complex. 

Retailers often end up with multiple solutions across departments while groups of users require varying levels of access. This leads to disparate authentication systems and strategies, leaving glaring gaps through which hackers can sneak in undetected. 

The first step towards better protecting digital identities is to adopt a ‘trust no one, verify everywhere’ mentality and Zero Trust approach, where only authorised and authenticated individuals can gain access to online systems, corporate assets and data.

The second step is to remove, not add complexity. This comes down to the type of Identity and Access Management (IAM) policy and solutions in use. 

What to look for? 

Retailers need to move to a more comprehensive Access Management strategy with an identity-centric, layered approach at its core. 

Smart Single Sign On policies that provide frictionless authentication and passwordless identities while allowing access to multiple applications have proven the most helpful. 

Including FIDO, One Time Password, and more, these allow for any unusual activity concerning a digital identity (a suspicious time of day, device, geography, network or other) to be questioned and identity revalidated.

It sounds simple, but there are so many solutions available on the market that it is challenging not to end up with disparate systems that create more complexity for IT teams staff, customers and partners. 

Instead, retailers want to look at one single, integrated platform that offers:

  • Ease of use should be the number one priority to overcome the limitations imposed by high attrition low retention rates in the retail industry. Select one single IAM platform, rather than combining solutions from various providers. This will help make things simpler, provide a seamless access for everyone and reduce potential security gaps.

  • Breadth of identification strategies options. This is extremely important when you consider the wide range of users that transit through retailers’ systems all requiring different levels of authentication and access. Passwordless options include Two-Factor Authentication (2FA), Multiple Factor Authentication (MFA), Single Sign On (SSO) and more.

  • Ability to deploy multiple authenticators. This will help suit multiple user profiles within the same organisation. 


With the right IAM platform retailers can better safeguard confidentiality, integrity and availability of their key assets and data, both in the cloud and on-premise. 

Most importantly, adopting a Zero Trust mindset and a strong IAM platform will enable retailers to protect the privacy of their customers’ data, and remain compliant with the growing regulatory landscape so they can end 2021 with a bang rather than a breach!  

For more information about how you can kick-start or improve your digital identities protection journey, please visit Thales Cloud Protection & Licensing (CPL)’s website or get in touch with one of Thales’ experts today.

0 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

[gravityform id="11" title="false" description="false" ajax="true"]
<script type="text/javascript">var gform;gform||(document.addEventListener("gform_main_scripts_loaded",function(){gform.scriptsLoaded=!0}),window.addEventListener("DOMContentLoaded",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,initializeOnLoaded:function(o){gform.domLoaded&&gform.scriptsLoaded?o():!gform.domLoaded&&gform.scriptsLoaded?window.addEventListener("DOMContentLoaded",o):document.addEventListener("gform_main_scripts_loaded",o)},hooks:{action:{},filter:{}},addAction:function(o,n,r,t){gform.addHook("action",o,n,r,t)},addFilter:function(o,n,r,t){gform.addHook("filter",o,n,r,t)},doAction:function(o){gform.doHook("action",o,arguments)},applyFilters:function(o){return gform.doHook("filter",o,arguments)},removeAction:function(o,n){gform.removeHook("action",o,n)},removeFilter:function(o,n,r){gform.removeHook("filter",o,n,r)},addHook:function(o,n,r,t,i){null==gform.hooks[o][n]&&(gform.hooks[o][n]=[]);var e=gform.hooks[o][n];null==i&&(i=n+"_"+e.length),gform.hooks[o][n].push({tag:i,callable:r,priority:t=null==t?10:t})},doHook:function(n,o,r){var t;if(r=Array.prototype.slice.call(r,1),null!=gform.hooks[n][o]&&((o=gform.hooks[n][o]).sort(function(o,n){return o.priority-n.priority}),o.forEach(function(o){"function"!=typeof(t=o.callable)&&(t=window[t]),"action"==n?t.apply(null,r):r[0]=t.apply(null,r)})),"filter"==n)return r[0]},removeHook:function(o,n,t,i){var r;null!=gform.hooks[o][n]&&(r=(r=gform.hooks[o][n]).filter(function(o,n,r){return!!(null!=i&&i!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][n]=r)}});</script> <div class='gf_browser_unknown gform_wrapper fix-om-styling_wrapper gform_legacy_markup_wrapper' id='gform_wrapper_11' ><div id='gf_11' class='gform_anchor' tabindex='-1'></div><form method='post' enctype='multipart/form-data' target='gform_ajax_frame_11' id='gform_11' class='fix-om-styling gform_legacy_markup' action='/in-focus/protecting-digital-identities-thales/#gf_11' > <div class='gform_body gform-body'><ul id='gform_fields_11' class='gform_fields top_label form_sublabel_below description_below'><li id="field_11_2" class="gfield gfield_contains_required field_sublabel_below field_description_below hidden_label gfield_visibility_visible" ><label class='gfield_label' for='input_11_2' >Email Address<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_2' id='input_11_2' type='text' value='' class='large' placeholder='Email' aria-required="true" aria-invalid="false" /> </div></li><li id="field_11_3" class="gfield gfield_contains_required field_sublabel_hidden_label field_description_below hidden_label gfield_visibility_visible" ><label class='gfield_label gfield_label_before_complex' >Name<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_complex ginput_container no_prefix has_first_name no_middle_name has_last_name no_suffix gf_name_has_2 ginput_container_name' id='input_11_3'> <span id='input_11_3_3_container' class='name_first' > <input type='text' name='input_3.3' id='input_11_3_3' value='' aria-required='true' placeholder='First Name' /> <label for='input_11_3_3' class='hidden_sub_label screen-reader-text'>First</label> </span> <span id='input_11_3_6_container' class='name_last' > <input type='text' name='input_3.6' id='input_11_3_6' value='' aria-required='true' placeholder='Last Name' /> <label for='input_11_3_6' class='hidden_sub_label screen-reader-text'>Last</label> </span> </div></li><li id="field_11_5" class="gfield gfield_contains_required field_sublabel_below field_description_below hidden_label gfield_visibility_visible" ><label class='gfield_label' for='input_11_5' >Company / Organisation<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_text'><input name='input_5' id='input_11_5' type='text' value='' class='large' placeholder='Company' aria-required="true" aria-invalid="false" /> </div></li><li id="field_11_6" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible" ><div class='ginput_container ginput_container_text'><input name='input_6' id='input_11_6' type='hidden' class='gform_hidden' aria-invalid="false" value='NOT PROVIDED' /></div></li><li id="field_11_7" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible" ><div class='ginput_container ginput_container_text'><input name='input_7' id='input_11_7' type='hidden' class='gform_hidden' aria-invalid="false" value='NOT PROVIDED' /></div></li><li id="field_11_8" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible" ><div class='ginput_container ginput_container_text'><input name='input_8' id='input_11_8' type='hidden' class='gform_hidden' aria-invalid="false" value='NOT PROVIDED' /></div></li><li id="field_11_9" class="gfield gform_validation_container field_sublabel_below field_description_below gfield_visibility_visible" ><label class='gfield_label' for='input_11_9' >Comments</label><div class='ginput_container'><input name='input_9' id='input_11_9' type='text' value='' /></div><div class='gfield_description' id='gfield_description_11_9'>This field is for validation purposes and should be left unchanged.</div></li></ul></div> <div class='gform_footer top_label'> <button type="submit" class="button-3" id="gform_submit_button_11">SUBSCRIBE</button> <input type='hidden' name='gform_ajax' value='form_id=11&amp;title=&amp;description=&amp;tabindex=0' /> <input type='hidden' class='gform_hidden' name='is_submit_11' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='11' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_11' value='WyJbXSIsIjRjNDYzMzMwNzM3OTFjM2ZlOGZhNjY2ZDA4ZDVlMDcyIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_11' id='gform_target_page_number_11' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_11' id='gform_source_page_number_11' value='1' /> <input type='hidden' name='gform_field_values' value='' /> </div> <p style="display: none !important;"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js" name="ak_js" value="204"/><script>document.getElementById( "ak_js" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div> <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_11' id='gform_ajax_frame_11' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'></iframe> <script type="text/javascript"> gform.initializeOnLoaded( function() {gformInitSpinner( 11, 'https://powerretail.com.au/wp-content/plugins/gravityforms/images/spinner.svg' );jQuery('#gform_ajax_frame_11').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_11');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_11').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){jQuery('#gform_wrapper_11').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_11').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_11').removeClass('gform_validation_error');}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery('#gform_wrapper_11').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_11').val();gformInitSpinner( 11, 'https://powerretail.com.au/wp-content/plugins/gravityforms/images/spinner.svg' );jQuery(document).trigger('gform_page_loaded', [11, current_page]);window['gf_submitting_11'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery('#gform_wrapper_11').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_11').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [11]);window['gf_submitting_11'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_11').text());}, 50);}else{jQuery('#gform_11').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger('gform_post_render', [11, current_page]);} );} ); </script><script type="text/javascript"> gform.initializeOnLoaded( function() { jQuery(document).on('gform_post_render', function(event, formId, currentPage){if(formId == 11) {if(typeof Placeholders != 'undefined'){ Placeholders.enable(); }} } );jQuery(document).bind('gform_post_conditional_logic', function(event, formId, fields, isInit){} ) } ); </script><script type="text/javascript"> gform.initializeOnLoaded( function() { jQuery(document).trigger('gform_post_render', [11, 1]) } ); </script>