The Information Systems Security Association (ISSA) has published a ground-breaking white paper that sets out guidelines and best practice in the identity assurance space, helping to encourage a better understanding of the need for organisations to verify the identity of their customers.

The not-for-profit, international professional organisation of information security professionals and practitioners has enlisted the support of the Right Honourable David Blunkett MP, who said, “There is the most enormous amount of discussion and hand-wringing in this area of deep concern; but these recommendations are about real action in joining together government and public service on the one hand, and private companies and individuals on the other.”

 “The recommendations are a vital step in getting our act together and making digital inclusion and the use of new technology a boon and a benefit to all, rather than a risk to privacy and to business integrity. I hope that they will receive widespread coverage and a vigorous response from all those interested in getting it right for the future,” he continued

In the white paper, entitled `Who do you think you are,' the ISSA - which has more than 10,000 members in more than 100 countries - lays down a number of proposals on best practices for both public and private sector organisations.

According to David Lacey the author of the report “It’s time for everyone handling personal data to get on top of the mounting threat of identity theft. Technology and business trends are creating new and bigger risks. Legacy systems for managing access to data are no longer fit-for-purpose. We can’t afford to wait for more data breaches before taking action. Nor can we turn back the wave of data sharing across government and industry. We need a step-change in our security and management practices: clearer principles, stricter standards and tougher oversight. We must explain to citizens what we are doing with their personal data, and reassure them that we can protect it. Government has a strategy for managing identity data. Industry needs one too. The ISSA recommendations are the collective view of experts from across industry, government and academia. We must all pull together to translate them into action.”

The white paper is available to download from the Infosecurity Europe website  http://www.infosec.co.uk/files/identity_assurance.pdf