Identity-First Security in a SaaS World: Challenges and Solutions
The concept of identity-first security, which makes identity the key to securing digital resources, is growing in popularity. The model is replacing the traditional perimeter-focused approach to security, partly because the perimeter scarcely exists any longer. Cloud computing, software-as-a-service (SaaS), and remote work, among other factors, have caused the perimeter to lose most of its […]
The Role of IAM in a Zero-Trust World
Introduction: Identity and Access Management (IAM) is essential to implementing Zero Trust (ZT). After all, verifying user identity is core to ZT. So is ensuring proper authentication and authorization at every level of access to data. This is easier said than done, especially if you’re trying to apply ZT principles to cloud and Software-as-a-Service (SaaS) […]
Universal SSO: A Game-Changer for SaaS?
Introduction: The world of Single Sign-On (SSO) is undergoing a major transition, a “game changer,” if you will. Successful as it may be, traditional SSO is not optimal. It requires integration, which creates complexity and inhibits adoption. The “SSO Tax” that comes from having to upgrade to higher licensing tiers adds to costs. SSO for […]
Top 5 IAM Challenges for Growing Organizations
Introduction: Identity and access management (IAM) solutions are a staple of corporate cybersecurity. Adoption is at 95%, with the IAM market expected to reach $45 billion by 2032. The reasons for IAM’s success are easy to understand. The technology provides a foundational control over access, authentication, and authorization. IAM presents its share of challenges, however. […]
Uh, About Those 19 Billion Stolen Passwords…
One of cybersecurity’s biggest problems is that we tend to ask the wrong questions about malicious actors. We ask, “How can we defend our digital assets against threats?” That’s all well and good, but a better question might be, “How far will crooks go to get their hands on the world’s $454 trillion in wealth?” […]
Breaking Free from the “SSO Tax”
Single Sign-On (SSO) provides a range of productivity and security benefits for organizations that adopt this convenient authentication method across multiple applications. Employees are freed from the hassle of having to log in more than once. SSO also reduces security risks related to identity and access management (IAM). However, these benefits typically come with an […]
Visibility, Control, and Modern SSO: Elevating IAM Hygiene
During his session on “Guidance for Achieving IAM Resilience in a Cloud-First World” at the Gartner IAM Summit 2024, Michael Kelley introduced a concept that I found incredibly impactful: Identity Hygiene. Identity Hygiene refers to the practices and standards organizations adopt to maintain a secure and well-governed IAM environment. Several critical elements determine an organization’s […]
Bypassing 2FA with AiTM: How Unixi Stops Credential Theft
Introduction: Two-factor authentication (2FA) has long been hailed as one of the most effective ways to safeguard online accounts against unauthorized access. However, despite its strength, 2FA is not impervious to clever attackers. One such attack vector that has been gaining traction is the Adversary-in-the-Middle (AiTM) attack. This sophisticated technique allows attackers to bypass 2FA […]
MFA Cannot Stand Alone Series: The Risks of SIM Swapping
Multi-Factor Authentication (MFA) is widely recognized for enhancing security by requiring at least two forms of verification: usually something you know (like a password) and something you have (typically a mobile device). This method undoubtedly complicates a hacker’s job by necessitating the breach of two security barriers instead of one. However, MFA is not foolproof. […]
MFA Cannot Stand Alone Series – The DUO Hacking
Unveiling the Limitations of MFA: As was demonstrated in the previous blog post, MFA cannot stand alone. MFA, on its own, still leaves enterprise systems vulnerable to various breaches. In the following post, we will continue exploring different vulnerabilities of the MFA mechanism. The DUO Hacking Incident: One such vulnerability was exposed very recently with […]