security

Quantum computing is a fast-emerging area of computer science that is upending the foundations of cybersecurity. It’s set to change how we secure our everyday communications, process credit cards, store data, and securely connect to websites. But it’s also likely to disrupt modern security as we know it. What is quantum computing? Conventional…

IT and security teams want to protect sensitive data and systems from online threats to preserve both the bottom line and their organisation’s reputation. This means securing access to cloud and on-prem infrastructure. But legacy techniques have largely failed users and IT administrators in this regard—it’s time for a modern approach. Why have…

In March 2019, the World Wide Web Consortium (W3C) announced that WebAuthn is now the official web standard for password-free login. With support from a broad set of applications (Microsoft Edge, Chrome, Firefox, Mobile), widespread adoption of WebAuthn is expected in coming years. In this post, we will explore the shortcomings of current…

With the rise of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors.   According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). Developed to provide flexibility,…

With the rise in both the number and sophistication of today’s security threats, the benefits of multi-factor authentication (MFA) have become widely recognized, leading to increased adoption across enterprise and consumer apps. From a security standpoint, this is all good news. We know that passwords alone are not enough to secure your data, and…

Passwords are hard. The (what feels like constantly) growing list of security requirements are intended to make passwords secure, but in many cases they’ve had the opposite effect. Complex passwords that meet all the requirements are often difficult to remember, so they’re reused across many sites. Users scribble them on sticky notes. They weave…