Identity 101 Index

Authentication

• Defining Certificate Authority and How It Works
• Multi-factor Authentication + VPN = Secure and Private 
• Why Multi-Factor Authentication is Everywhere
• What is Strong Authentication? We Rank 6 Security Factors 
• Should You Choose U2F or Adaptive MFA?
• Which Industries Require Two-Factor Authentication?
• Authentication vs Authorization
• What Is a Security Token (or Authentication Token) and How Does It Work?
• What to Look for in a Risk-Based Authentication Solution
• What is the Most Secure Authentication Method for Your Organization?
• Biometrics: Secure Authentication in the Modern Age
• What’s the Difference Between OAuth, OpenID Connect, and SAML?
• Take Your Security to the Next Level with Context-Based Authentication
• What Is Token-Based Authentication and Who Uses It?
• SAML vs. OAuth: Comparison and Differences
• Universal 2nd Factor (U2F): History, Evolution, Advantages
• Web Authentication: How Is Web API Basic Authentication Used?
• PEAP (Protected Extensible Authentication Protocol)
• CAPTCHA: Meaning, Types & How They Work
• Authentication Server: Definition, Architecture & Operations
• Understanding Adaptive Authentication and How It Works
• Authentication Protocols 101: Definition, Types, and When to Use
• How Does Facial Recognition Work and Is It Secure?
• Authentication: Definition, Methods, Importance, and Processes
• What Is Passwordless Authentication & How Does It Work?
• WiFi Authentication Errors and Methods to Solve Them
• Cross Site Tracking: Defining Browser Tracking and Prevention
• Voice Passwords: Definition, Security & How They Work
• Dual Authentication: A Necessary Extra Layer of Security
• Identification & Authentication: Similarities & Differences
• Password Authentication Protocol (PAP) Security Explained
• Strong Customer Authentication (SCA): History & Compliance
• Central Authentication Service (CAS) Protocol Explained

AD/Active Directory

• Tips to Better Leverage Your Active Directory
• Single Sign-On: The Difference Between ADFS vs. LDAP 
• How Okta Helps Automate User Provisioning for Active Directory
• LDAP vs. Active Directory: What's the Difference

Customer Identity and Access Management (CIAM)

• Defining Data Profiling: Processes and Usage
• Defining Customer Identity & Access Management (CIAM)
• How CIAM Solutions Help Protect Your Customers’ Data

Digital Transformation

• What Is the Cloud? Defining Remote Internet Infrastructures
• How Legacy Apps Are Moving to the Cloud: Office 365
• What Is Hybrid Cloud Architecture and How Can We Use It?
• What Is Cloud Native Architecture: A Guide
• Arriving at a Hybrid IT Definition
• How To Plan a Successful Cloud Migration Strategy
• What Is SaaS? Defining Software as a Service
• The Rising Importance of Identity Proofing
• Behavioral Biometrics: Types, Technology & Industries
• Biometric Passport: Security, Data Protection & How They Work
• Understanding Digital Identity & How It Works
• Cross Site Tracking: Defining Browser Tracking and Prevention
• Age Verification System: Definition, Processes, and Usage
• 10 Signs of Identity Theft to Watch Out For
• Multi-Tenancy Cloud: Definition, Security & Benefits
• Okta – Defining Cloud Computing: Systems, Architecture, and Uses

Identity and Access Management (IAM)

• Anti-Money-Laundering (AML) Risk Approach Explained
• Identity Verification Defined and How Does It Work
• User Access Management Basics
• An Overview of Identity and Access Management (IAM)
• What is IDaaS? Understanding Identity as a Service and Its Applications
• Privacy, Security, Efficiency: The Benefits of a Cloud Identity Provider
• Setting Up IAM: Managing Permissions to Ensure Compliance
• How Identity and Access Management Quietly Powers Your Company
• How to Start Investing in Identity and Access Management
• What Is Identity Management and Access Control?
• The Importance of Centralized Identity Management
• The Changing Landscape of Enterprise Identity Management
• 4 Key Things You Should Know About Access Governance
• Identity Governance: What It Is & Why Your Business Needs It
• Access Token: Definition, Architecture, Usage & More
• What Is Access Control & How Crucial Is It to Cybersecurity?
• What Is Authorization? Definition & Comparison with Access Control
• Synthetic Identity Theft: Definition, Damages & Defense
• Fraud Monitoring: Definition, Importance & Defenses
• Fraud Prevention: Definition & How It Works
• Fake Identities: Damages, Data, and Defense
• Fake Employment Verification: Techniques & Defenses
• Extended Access Control List 101: Access & Privilege
• Entitlement Management Identity Governance Explained
• Digital Onboarding: Definition, Benefits & How It Works
• Digital Rights Management (DRM): Access Control Tech Defined
• Fingerprint Biometrics: Definition & How Secure It Is
• API Management: Publishing, Policies, and Access Control
• Defining PII (Personally Identifiable Information)
• Information Classification: Definition & Internal Development
• Digital Signatures: What They Are & How They Work
• Understanding the Process of Identity Authentication
• What Is Identity Theft? Definition & Examples
• Customer Due Diligence (CDD) Process Defined
• Politically Exposed Persons (PEP): Definition & Risks
• Access Control List: Definition, Types & Usages
• What Is an SDK? Software Development Kits Explained
• Bring Your Own Device (BYOD) Policy Best Practices
• Self-Sovereign Identity (SSI): Autonomous Identity Management
• Principle of Least Privilege: Definition, Methods & Examples
• LEI (Legal Entity Identifier): Creation, Usage & Benefits
• The KYC Verification Process: 3 Steps to Compliance
• Medical Identity Theft: Defense & Prevention Measures
• KYC (Know Your Customer) Definition, Guidelines & Regulations
• Identity Theft Protection: How It Works & Do You Need It?

IT Management

• MAN: Definition & How It Compares to a LAN
• Time to Live (TTL): Meaning, Purpose & Usage
• Data in Motion: How to Protect Information in Transit
• Understanding Proxy Servers and How They Work
• What is PCI? Understanding the Importance of PCI Compliance
• Understanding Traffic Bots & How to Stop Them
• Bad Gateway Errors: Why They Happen and 5 Solutions
• What is a Network Access Server?
• Why Your Company Needs an Identity Provider
• How Identity Governance Protects Your Business
• ICMP Protocol (Internet Control Message Protocol): A Guide
• HMAC (Hash-Based Message Authentication Codes) Definition
• IDS vs. IPS: Definitions, Comparisons & Why You Need Both
• HTTP Error 431: Definition, Status, Causes & Solutions
• SD-Wan: Defining a Software-Defined Wide Area Network
• What Is Cached Data? Why & How Should You Clear It?
• HLS Streaming: Definition, Usage, Pros & Cons
• What Is 1.1.1.1 & Does It Really Make Your Internet Safer?
• What Is BaaS (Backend as a Service)? Definition and Usage
• Black-Box Testing: Definition, Types & Techniques
• What Is Edge Computing & Why Does it Matter?
• Fault Tolerance: Definition, Testing & Importance
• Generic Routing Encapsulation (GRE) Tunnel Defined
• Low Orbit Ion Cannon (LOIC): Definition, Damage & Defense
• Origin Servers: Definition, Usage & Edge Server Comparison
• OSI Layers: Understanding the OSI Model & Its 7 Layers
• HTTP vs. HTTPS: Definition, Comparison & Security Implications
• What Is MTU (Maximum Transmission Unit)?
• MX Record: Definition, Usage & Protections
• PAN (Personal Area Network) Definition & Overview
• What Is Round Trip Time? Overview, Formula & Usage
• Serverless Computing: Uses, Advantages, and Disadvantages
• Reverse Proxy: What Is a Reverse Proxy and Why Use One?
• What Is Latency? Definition, Impact & How to Reduce
• Correlation ID: Definition, Functionality and Uses
• Virtual Hosting: Types, Architecture, Uses & Benefits
• Server Name Indication (SNI): Definition & Usage
• Web Application Firewall: Definition, Usage & Necessity
• Warrant Canary: Definition, Evolution & Impacts
• DNS Over HTTPS: Remote DNS Resolutions by HTTPS Protocol
• SPF Record Checks: How to Check SPF Records and Why You Should
• SMS Gateway: Definition, Uses, and How They Work
• Anonymous IP Browsing: Types, Risks, and Detection
• Ping Trace Techniques for Network Connectivity Troubleshooting
• SSL Offloading 101: Definition, Processes & Objectives
• Internal IP Address Defined: Purpose & Uses
• Augmented Intelligence (AI): The Future of Cognitive Security
• What Is a Systems Administrator & What Do They Do?
• GDPR Compliant
• What Is a Digital Certificate? Definition & Examples
• What Is Middleware? Definition, Guide & Examples
• What Is a Virtual Machine? Definition & Guide
• What Does a CISO (Chief Information Security Officer) Do?

Lifecycle Management

• Scale Securely: Establishing Universal Directory Policies
• Understanding Lifecycle Management and Regulatory Compliance
• Managing the User Lifecycle: Device Provisioning Made Easy
• What Is Role-Based Access Control (RBAC)?
• Role-Based Access Control vs Attribute Based Access Control

Single Sign-on (SSO)

• What to Look for When Choosing a Single Sign-On Solution
• How to Choose Your SSO Strategy
• Build a Strategy for Password Management
• Federated Identity Management vs. Single Sign-On: What’s the Difference?
• What Is Federated Identity?

Security

• Man-in-the-Browser Attack (MITB): Definition & Defense
• Wannacry Ransomware Attack: Definition, Damage & Defense
• Network Access Control (NAC): Securing Networks by Device
• Cybersecurity Work From Home Tips for Businesses and Employees
• Zoom Vulnerability: Definition & Defense Techniques
• Data Transfer Object DTO Definition and Usage
• Remote Desktop Services (RDS): Security Benefits and Uses
• What Is a Fork Bomb? Definition, Code, Prevention & Removal
• Understanding Private IP Ranges, Uses, Benefits, and Warnings
• SOX Compliance: Definition, Auditing & More
• Aphanumeric Characters and Alphanumeric Password Requirements
• What Is a Spam Bot? Definition & Defenses
• What Is a Teardrop Attack? Definition, Damage & Defense
• What Is a DNS PTR Record & What Is It Used For?
• The PlusToken Cryptocurrency Scheme: Architecture and Exposure
• Address Resolution Protocol (ARP): What It Is and How It Works
• Password Entropy: The Value of Unpredictable Passwords
• SSL Handshake (TLS Handshake) Explained
• What Is a DNS SOA Record & What Is It Used For?
• 3 Common Mistakes That Lead to a Security Breach
• Building Zero Trust Networks: Securing the Perimeter
• How to Set Up Privileged Access Management
• What Is Corporate Account Takeover and How Do We Prevent It?
• Why Is Cloud Security So Important?
• Reducing Your Attack Surface: A Guide
• What Is Least Privilege Access—and Why Do You Need It?
• What is an Attack Surface? (And How to Reduce It)
• Scareware: Definition, Identification & Prevention
• What Is a VPN & How Does It Work?
• Hashing vs. Encryption: Definitions & Differences
• What Is LDAP & How Does It Work?
• DMZ Network: What Is a DMZ & How Does It Work?
• DNS Poisoning (DNS Spoofing): Definition, Technique & Defense
• Asymmetric Encryption: Definition, Architecture, Usage
• ARP Poisoning: Definition, Techniques, Defense & Prevention
• Credential Stuffing: Definition, Techniques & Defense
• Public Key Encryption: What Is Public Cryptography?
• Security as a Service (SECaaS): Advantages & Services
• Ransomware Defined: How Does It Work & How to Prevent It
• IP Spoofing Unraveled: What It Is & How to Prevent It
• Penetration Testing: What Is It & Why Is Pentesting Required?
• Password Encryption: How Do Password Encryption Methods Work?
• Intrusion Prevention System: What Is An IPS? How Do They Work?
• Tokenization Explained: What Is Tokenization & Why Use It?
• RSA Encryption: Definition, Architecture, Benefits & Use
• Hashing Algorithm Overview: Types, Methodologies & Usage
• PGP: Defining Pretty Good Privacy & How PGP Encryption Works
• Cyber Kill Chain Defined: A Review of Cyber Kill Chain Steps
• Macro Virus: Definition, Operation, Prevention & Removal
• Steganography: What Is It and How Does Steganography Work? 
• Advanced Persistent Threat: Definition, Lifecycle, and Defense
• What Is Application Security & Why Is It Essential?
• Firewall: Definition, How They Work and Why You Need One
• CSRF Attack: Cross-Site Request Forgery Definition & Defense
• Security Information & Event Management (SIEM) 101
• Defining Buffer Overflow Attacks & How to Defend Against Them
• Clickjacking: Definition, Defense & Prevention
• Data Exfiltration: Definition, Damage & Defense
• Data Integrity: Definition, Importance & Security Impacts
• DDoS Attack 101: Definition, Techniques, Risks & Prevention
• What Is Deep Packet Inspection (DPI)? Definition & Usage
• Disaster Recovery: Planning, Strategies, Types & Procedures
• Defining DLP (Data Loss Prevention) & Exploring How it Works
• Emotet Malware: Definition, Damage, Defense & Prevention
• Evil Twin Attack: Fake WiFi Access Point Vulnerabilities
• Insider Threat: Definition, Prevention & Defense
• Defining Intrusion Detection Systems & How IDS Monitors Work
• Malvertising: Definition, Techniques & Defense
• What Is the Ping of Death (PoD)? Definition, Damage & Defense
• What Is the Morris Worm? History and Modern Impact
• What Is MyDoom Malware? History, How It Works & Defense
• RC4 Encryption Algorithm Stream Ciphers Defined
• Defining SYN Flood DDoS Attacks: Definition, Damage & Defense
• Stream Cipher 101: Definition, Usage & Comparisons
• RAT (Remote Access Trojan) Software Attacks Defined
• SASE: Secure Access Service Edge Defined
• Brute Force Attack: Preventing Trial-and-Error Logins
• Arbitrary Code Execution (ACE): Definition & Defense
• Cloud Computing Security: Your Comprehensive Guide
• Google Hacking (Google Dorking): Definition & Techniques
• Defining Hping Packet Generator as a Security Tool
• Fraggle Attack: Definition, Damage, Defense & vs. Smurf
• Network Vulnerabilities 101: Types and Prevention Methods
• Elliptic Curve Digital Signature Algorithm (ECDSA) Defined
• One-Way Hash Function: Dynamic Algorithms
• Password vs. Passphrase: Differences Defined & Which Is Better?
• Honeypots: Definition & Role in Cybersecurity Testing
• Social Engineering Attacks: Definition, Methods & Prevention
• What Is a Keylogger and How Can You Protect Yourself From One?
• Script Kiddies and Skiddies: Identifying Unskilled Hackers
• Attack Vector Paths: Definition, Common Exploits, and Protection
• What Is Cybersecurity? Definition, Threats & More
• What Is Cryptography? Definition & How It Works
• Slowloris DDoS Attack: Definition, Damage & Defense
• What Is a Smurf Attack? Definition & Defense
• SQL Injection: Definition, Damage & Defense
• IP Stresser (IP Booter) Definition & Uses
• WiFi Pineapple Definition & Pineapple Router Uses
• What Is a Honeynet? Definition, Usage & the Honeynet Project
• Mirai Botnet Malware: Definition, Impacts & Evolution
• Defining & Understanding the MITRE ATT&CK Framework
• Server-Side Request Forgery (SSRF): Definition & Defense
• Session Hijacking Attack: Definition, Damage & Defense
• Threat Intelligence 101: Mechanisms & Implications
• What Is Transport Layer Security & How Does It Work?
• Data Privacy: Regulations, Tips, and Compliance
• 6 Password Hacker Tools and Protecting Against Them
• Understanding the Metasploit Project and Why It's Useful
• Malicious Code: Types, Dangers, and Defenses
• Security Hacker: History, Types, Exploits, and Benefits
• Cybersecurity Work From Home Guide for Employers and Employees
• XSS Vulnerability 101: Identify and Stop Cross-Site Scripting
• Security Through Obscurity (STO): History, Criticism & Risks
• Privacy vs. Security: Exploring the Differences & Relationship
• Rooted Devices: Definition, Benefits & Security Risks
• Sniffing Attack: Definition, Defense & Prevention
• Bot Management Definition, Strategies & Best Practices
• Account Takeover Fraud: Definition and Defenses
• How Secure Is a VPN & Should You Still Use One?
• Secrets Management: Tools & Methods for Authentication
• WPA3 Security: Benefits, Vulnerabilities & Comparison to WPA2
• Coronavirus Malware: Cyber Threats Rising
• Cyber Hygiene: Definition & Best Practices
• DLL Hijacking Definition Tutorial & Prevention
• Tactics to Avoid Password Leaks
• RFID Blocking: Definition, How It Works & Why You Need It
• Secure Remote Access: Technology, Policies & Usage
• Video Verification: Definition, Technology, Risks & Benefits
• Ethical Hacking: What It Is & Examples
• End-to-End Encryption (E2EE): Definition & Examples
• What Is GPS Spoofing & How Do You Defend Against It?
• Crowdfunding Scams: Common Schemes & How to Avoid Them
• What Is Public Key Infrastructure (PKI) & How Does It Work?
• What Is a Cryptographic Nonce? Definition & Meaning
• CISSP: Certified Information Systems Security Professional
• Social Engineering: How It Works, Examples & Prevention
• What Is a Botnet? Definition, How They Work & Defense
• Wired Equivalent Privacy (WEP): Definition & Risks
• What is MD5? Understanding Message-Digest Algorithms

Compliance

• FISMA Compliance: Definition, Regulations & Requirements
• SOC 1 Business Process Control Audits and Compliance
• Understanding the California Consumer Privacy Act (CCPA)
• SOC Reports Explained: Service Organization Control Necessity
• SOC 1 vs. SOC 2: Differences, Execution, and Legalities
• SOC 2 Type 2 for Service Organizations: Fairness and Trust
• GRC Tools Defined and The Best GRC Tools and Platforms for 2021
• Enhanced Due Diligence: Definition, Checks and Procedures
• Sanctions Screening: Definition, Importance & Risks
• Customer Identification Program (CIP): Definition & Guidelines

General Web

• What Is Data Scraping? Definition & Usage

FAQ

• Okta FAQ