security

What is Zero Trust Security?

Zero Trust security is a new strategy for keeping enterprise data secure, rooted in the idea that you can no longer rely on the network perimeter to assess trust. In a Zero Trust model, people are the new perimeter, and identity is the core of maintaining a secure environment. An evolving landscape Historically, organisations have kept their data…

Putting the 8 Principles of Infrastructure Access into Practise

IT and security teams want to protect sensitive data and systems from online threats to preserve both the bottom line and their organisation’s reputation. This means securing access to cloud and on-prem infrastructure. But legacy techniques have largely failed users and IT administrators in this regard—it’s time for a modern approach. Why have…

What is WebAuthn?

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In this post, we will explore the shortcomings of current…

What is ADFS?

Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). Developed to provide flexibility,…

Understanding MFA Factors: You’re Not Using the Right Ones

With the rise in both the number and sophistication of today’s security threats, the benefits of multi-factor authentication (MFA) have become widely recognized, leading to increased adoption across enterprise and consumer apps. From a security standpoint, this is all good news. We know that passwords alone are not enough to secure your data, and…

7 Things to Consider Before Making the Switch to MFA

Passwords are hard. The (what feels like constantly) growing list of security requirements are intended to make passwords secure, but in many cases they’ve had the opposite effect. Complex passwords that meet all the requirements are often difficult to remember, so they’re reused across many sites. Users scribble them on sticky notes. They weave…

Archive