cybersecurity

How to Meet your PCI DSS Targets with Okta

Did You know that the most common type of identity theft is debit and credit card fraud? According to the Federal Trade Commision, the rate of card fraud more than doubled between 2017 and 2019 with more than 270,000 reports in 2019 alone.  The Payment Card Industry Data Security Standards (PCI DSS) were introduced to help businesses to prevent,…

9 Steps to Create a Security Program on a Budget

In today’s threat landscape, a good security posture is needed to protect your business and your customers from potential cyberattacks. But when you’re on a shoestring budget, that’s easier said than done. So how can you get a good security posture without having to dedicate much of your already limited resources? Here are a few points to consider…

Advisory 2020-008: Mitigating the Risks of Copy-Paste Compromises

Australian Prime Minister Scott Morrison recently raised awareness of a state-based cyber attack that Australia is facing across all levels of government and the private sector. In response, the Australian Cyber Security Centre (ACSC) published an advisory on the nature of the attacks as well as guidance on how to mitigate these types of attacks…

Why You Should Ditch SMS as an Auth Factor

In my previous post, I talked about how the COVID19 pandemic has impacted how our customers use MFA — more specifically how SMS authentication is on the rise as organizations look to rapidly roll out a quick and easy secondary auth method in response to the need to embrace remote work. In this post, I’ll go into more detail around issues with SMS…

MFA Trends: The Impact of COVID19

The COVID pandemic has changed how we do many things. In the workplace, it’s pushed us to take a deeper look at how we enable employees to work remotely—and to ensure that they can do it securely. But what does that actually look like? According to our recent Businesses @ Work (from Home) report, companies are adapting and evolving quickly…

API Security Threats in the Real World

When we think of compromised API security, we typically see an image of a hoodie-wearing hacker toiling away in a darkened room, targeting a bank’s server. We can imagine them compiling a custom tool, launching it against the system, and celebrating as your 401k becomes theirs. Alternatively, we may even picture armies of hackers using…

Why Your Customers Need Passwordless Authentication

In today’s threat landscape, passwords have become increasingly ineffective for protecting customer authentication and data—and they’re also unintended inhibitors for user experience. As such, it’s not surprising that many organizations are exploring passwordless authentication as a more secure, user-friendly alternative.   In our previous post in…

How to Use Feedback Loops to Find the Gaps in your Security Strategy

Organizations are under ever-greater pressure to leverage new app technologies to drive competitive advantage and growth. Yet these ambitious plans all come crashing down if they can’t guarantee that modern IT systems are built on a secure foundation. Security analytics that incorporate data from access control systems are a crucial tool in the…

Understanding FIDO Standards: Your Go-To Guide

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

Cybersecurity and the Unexpected Consequences of the Government Shutdown

On December 22, 2018, the U.S. government instituted a partial shutdown when Congress failed to approve an appropriations bill. The consequences of this lapse in funding are obvious and very visible, from parks closed due to lack of trash collection, to the suspension of key services like federal housing loans. In today’s heavily connected and…

Archive