cybersecurity

When we think of compromised API security, we typically see an image of a hoodie-wearing hacker toiling away in a darkened room, targeting a bank’s server. We can imagine them compiling a custom tool, launching it against the system, and celebrating as your 401k becomes theirs. Alternatively, we may even picture armies of hackers using…

In today’s threat landscape, passwords have become increasingly ineffective for protecting customer authentication and data—and they’re also unintended inhibitors for user experience. As such, it’s not surprising that many organizations are exploring passwordless authentication as a more secure, user-friendly alternative. In our previous post in…

Organizations are under ever-greater pressure to leverage new app technologies to drive competitive advantage and growth. Yet these ambitious plans all come crashing down if they can’t guarantee that modern IT systems are built on a secure foundation. Security analytics that incorporate data from access control systems are a crucial tool in the…

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

On December 22, 2018, the U.S. government instituted a partial shutdown when Congress failed to approve an appropriations bill. The consequences of this lapse in funding are obvious and very visible, from parks closed due to lack of trash collection, to the suspension of key services like federal housing loans. In today’s heavily connected and…

Every website or mobile app with a login form is a potential target for account takeover attacks. An “account takeover” is the process by which hackers and fraudsters use ill-gotten credentials to gain access to legitimate customers’ accounts. Most of these attacks are automated and driven by malicious bots. The rise of bots is mirrored by the…

This week, Yubico, one of our finest security partners, asked our Okta team about ways to stay safe during the holiday shopping season. Take the following little quiz to check your own security savvy when visiting sites and opening holiday emails. Give yourself a point for each best practice you do. How did you score? How many of these online…

Passwords. Most of us have a love-hate relationship with them. Security best practices and common sense tells us to pick unique, hard-to-guess passwords for every account, which makes management of them a pain, or leads to bad password habits like reusing them. Then there’s the inherent security of passwords, or rather, the insecurity of them. As…

People who live in glass houses, probably shouldn’t throw stones. Over the last month, many organizations and thought leaders have lined up to criticize Facebook over their recent breach. While I agree with them — it was pretty bad, I propose that we also take a step back to look at the bigger picture. In actuality, Facebook should be commended on…

While the internet lights up with terrifying costume ideas every October, what we find truly scary are the security breaches that have hit major companies in recent months. Luckily, we have National Cybersecurity Awareness month to provide focus and resources toward a safe and secure internet. To celebrate and observe the month, our diverse team…