Cyber Defense eMagazine October Edition for 2021

More documents

Recommendations

Info

Authenticator Choice Impacts That Crucial Last Mile of User Experience Consumers and enterprise users are increasingly asserting choice and control as they grapple with challenging new issues around privacy, consent, and digital identity. New identity paradigms are driving the need for more and better choice. Examples include Bring Your Own Identity (BYOI) where an end user's username and credentials are managed by a third party, and W3C Verifiable Credentials (VCs) – an open standard for tamper-evident digital credentials which represent information found in physical credentials, such as a passport or license. Each further drives the need for more and better choice. End users are also demanding that self-service management and choice of authentication methods be available at their disposal from corporate IT. Furthermore, users strongly desire to use these preferred authentication method across multiple use cases as they navigate across disparate systems such as personal computers, mobile devices, corporate IT applications, and consumer applications. The complexity of choice and resulting friction is further compounded as diverse user populations that span internal, partner and external groups are considered. Each of these has their own entitlements and policy driven rules. Needed: A Modern Authentication Strategy That is Identity Provider Agnostic Identity Providers (IdPs) are services that store and manage digital identities for enterprises and consumers. The record growth in the proliferation of digital identities has propelled the global identity and access management (IAM) market towards reaching $22.68 billion by 2025 with several vendors consolidating and vying to capture the lion’s share of the customer’s wallet by bundling multiple products from their portfolio. The widespread acceptance of Microsoft 365 has resulted in digital identities also proliferating across Azure Active Directory (Azure AD) - Microsoft's cloud-based identity and access management service with their own attributes and related services. These diverging developments have forced a strategic shift in thinking within IAM groups which is away from the historical goal of standardizing on a single IdP across the entire enterprise, to an acceptance that there is likely to be coexistence at least for the foreseeable future amongst multiple IdPs – on prem, hybrid and / or multi-cloud. This has resulted in a new strategic driver to separate the authentication component from the IdP offered services as part of developing a modern authentication strategy that simultaneously addresses multiple stakeholders. The organization can more effectively manage the “last mile” of user experience agnostic of the IdP’s MFA capabilities. It also levels the playing field enabling better competition between Identity Providers IdPs and drives improved economic value for the organization. Some Key Areas That a Modern Authentication System Must Address User Centric Passwordless Authentication: A passwordless future is inevitable in response to the endemic threat of credential exploits resulting in spread of data breaches and ransomware attacks. Passwordless authentication methods improve cyber security while simultaneously reducing user friction Cyber Defense eMagazine – October 2021 Edition 84 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
and operating costs. FIDO2 is the set of standards and protocols developed by the FIDO Alliance and the World Wide Web Consortium (W3C) to strengthen authentication. Passwordless authentication options for consumers could include use of “phone as a token” where an un phishable trusted relationship is established between the individual and their enrolled mobile phone. For private or secure environments like contact centers where a phone may not be feasible, FIDO2 security keys could be an efficient alternative. Users would utilize their preferred passwordless authenticator across multiple use cases. Ease of Administration and Resourcing: According to Cybersecurity Ventures, there will be 3.5 million unfilled cybersecurity jobs globally by end of 2021, up from 1 million positions in 2014. A modern authentication system needs to enable “no code and low code” practices consistent with the current trend in software development world where policy development, administration and operation of these systems can be conducted by citizen developers without the need of specially trained and highly paid security operations resources. The ability to orchestrate complex user journeys with granular controls and a rulesbased engine that can intelligently step-up authentication based on risk level is critical. Support for Edge Cases and “Out of Band” Step-up: A key attribute for a modern authentication system is the ability to operate without limitation across multiple use cases such as WFH, that are commonly encountered by the user. Also, these should encompass scenarios such as lost phone, offline access when the authenticator may not be connected to a network. Account recovery, enrollment or reenrollment poses special challenges as there is an inherent danger of the authenticator having been compromised. An “out of band” step-up authentication capability that is established during identity proofing can help in these situations to restore confidence. About the Author A seasoned cybersecurity executive, Veridium CRO Rajiv Pimplaskar is driving global go-to-market strategy and revenue for Veridium. Based out of the company’s New York headquarters, Rajiv comes to Veridium from the San Francisco based Cloudmark – a leader in Threat Intelligence (acquired by Proofpoint). Previously, he held senior leadership roles spanning sales, marketing, product, and corporate development at Atlantis Computing (acquired by HiveIO) and Verizon. Rajiv is an Electrical Engineering and Computer Science professional by trade and is passionate about building and scaling enterprise software companies that offer a market disruption. First Name can be reached online at @veridiumid and at our company website https://www.veridiumid.com/ Cyber Defense eMagazine – October 2021 Edition 85 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
The Top 6 Cyber Attacks Of 2021 So
Page 3 and 4:
Protecting SMBs from Current Cybers
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - October 2
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34: Cyber Defense eMagazine - October 2
Page 35 and 36: #2 Florida’s water system A hacke
Page 37 and 38: Raise Cyber Security Awareness: Whe
Page 39 and 40: Source Code Protection Market Do we
Page 41 and 42: of script administration, no backup
Page 43 and 44: to steal “the keys to the kingdom
Page 45 and 46: Part 1 - Using a Proxy Server - BUR
Page 47 and 48: Below we have an example of interce
Page 49 and 50: Having the device UUID and being co
Page 51 and 52: In the second part, we demonstrate
Page 53 and 54: Currently, we are bound to use tech
Page 55 and 56: You can be a hacker too! Remember,
Page 57 and 58: The Brutal Reality of Brute Force A
Page 59 and 60: Multi-factor authentication is one
Page 61 and 62: Why outdated software poses cyberse
Page 63 and 64: About the Author Roman Davydov is a
Page 65 and 66: What data security risks do communi
Page 67 and 68: Is the Edge Really Secure? By Cheta
Page 69 and 70: Or, let’s spend some time discuss
Page 71 and 72: accessible. Different agencies have
Page 73 and 74: Making Sure the Lights Don’t Go O
Page 75 and 76: Gösgen’s IT Security Officer, Fr
Page 77 and 78: MFA works a few different ways, but
Page 79 and 80: Get Ahead of the Game: Packet Captu
Page 81 and 82: investigations and the ability to t
Page 83: Thousands of Fortinet VPN Account C
Page 87 and 88: As ports have been steadily ramping
Page 89 and 90: About the Author Working at the int
Page 91 and 92: Today’s Threat Landscape The 2021
Page 93 and 94: Thwarting Today’s Phishing Attack
Page 95 and 96: Security is Everyone’s Job Employ
Page 97 and 98: CapitalOne data breach occurred as
Page 99 and 100: About eSentire eSentire Inc., is th
Page 101 and 102: Complying with regulations Security
Page 103: Cyber Defense eMagazine - October 2
Page 115 and 116: Free Monthly Cyber Defense eMagazin
show all

Cyber Defense eMagazine October Edition for 2021

Create successful ePaper yourself

Delete template?

Save as template?