What is Authentication? The Ultimate Authentication Playbook

With the rise of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors. According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

Understanding FIDO Standards: Your Go-To Guide

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

FACT OR FICTION: SSO Is the Same as a Password Manager

At Okta, we are highly invested in the latest ideas and practises around authentication and security—and that requires some myth busting. This blog is the first in a series of posts meant to tackle common misunderstandings and myths around Single Sign On. See below for our full list of the myths we've seen (and busted!) around SSO. Single…

What is ADFS (Active Directory Federation Services)?

Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). Developed to provide flexibility,…

Understanding MFA Factors: You’re Not Using the Right Ones

With the rise in both the number and sophistication of today’s security threats, the benefits of multi-factor authentication (MFA) have become widely recognized, leading to increased adoption across enterprise and consumer apps. From a security standpoint, this is all good news. We know that passwords alone are not enough to secure your data, and…

What is Continuous Authentication?

Authentication is undoubtedly one of the most crucial aspects of cybersecurity today, but our understanding of how to verify users and their actions has been largely unchanged for decades. It always works the same: the user provides something they know (password), have (ID), or are (fingerprint) and if this input matches what the system knows…

7 Things to Consider Before Making the Switch to MFA

Passwords are hard. The (what feels like constantly) growing list of security requirements is intended to make passwords secure, but in many cases they’ve had the opposite effect. Complex passwords that meet all the requirements are often difficult to remember, so they’re reused across many sites. Users scribble them on sticky notes. They weave…

Decoding Customer IAM (CIAM) vs. IAM

The world of Identity and Access Management (IAM) is rarely controversial. But today, there is a battle brewing in how we - as an industry - talk about customer-facing use cases for IAM. Many are starting to refer to this as Customer IAM or Consumer IAM, both abbreviated as CIAM. CIAM does have some unique requirements. But that does not mean that…

The Importance of SSO in Enterprise IAM

In today’s identity management climate, single sign-on (SSO) capability is critical to the success of enterprise identity and access management (IAM). IT departments face growing demands: managing thousands of users, both internal and external, who each need access to an increasing number of cloud-based applications. Adding to this complexity is…
