Bilgesu Erdem
The digital realm has recently witnessed a growing concern over compromised data. One alarming statistic highlights that breached passwords account for an estimated 81% of all digital intrusions. With individuals recycling passwords as many as 14 times, a single cracked code can expose a considerable portion of their online presence. This dependency on passwords presents an alarming weakness in current cybersecurity measures.
Passwordless Authentication: The Future or a Far Dream?
Passwordless technology promises to tackle these vulnerabilities head-on. But surprisingly, nearly half of all companies in 2021 refrained from integrating this innovative approach. The underlying reason? Most enterprises felt inadequately equipped in terms of expertise and teams for its implementation.
Enter companies like SecureW2, based in Seattle. They’ve streamlined the process, taking out the intricate steps needed to establish and sustain passwordless authentication systems. Their recent $80 million funding from Insight Partners stands testament to their pioneering role in this sector. Starting off as an open-source initiative for “non-Windows” identity systems, its founders, Tom Rixom and Bert Kashyap, identified a gap in the enterprise sector regarding passwordless solutions.
Their brainchild, SecureW2, now offers an array of passwordless mechanisms, one of which issues certificates, the next-gen replacement for passwords. These certificates facilitate access to Wi-Fi, ethernet, or VPN across diverse mobile and desktop platforms. SecureW2 has even integrated with cloud-based systems like Okta, fortifying policy-driven security throughout an organization.
Battling ‘Shadow IT’ with Zygon
On another front, Shadow, a cloud computing company, confirmed a data breach that exposed the personal information of over 530,000 clients. The breach was sourced back to an API from a SaaS provider. Such breaches shine a spotlight on the need for advanced SaaS security protocols.
Zygon, a budding French startup, has taken the initiative to review all SaaS applications a company uses. This doesn’t solely encompass mainstream services but also those lesser-known ones covertly employed without IT’s knowledge. This dual focus not only aims to cut costs but also bolsters SaaS security.
Zygon’s method involves analyzing employee email metadata, effectively identifying SaaS-related communications. This allows companies to keep tabs on the myriad SaaS applications, ensuring that security measures are not overlooked. Zygon’s decentralized approach assigns roles to specific SaaS administrators, enabling them to manage the utilization and security configurations of particular tools. This system also flags potential security risks, like multiple accounts for a single service or shared account usage, ensuring a robust defense against potential breaches.
The constant evolution of the digital domain demands an equivalent response in cybersecurity strategies. With password vulnerabilities and SaaS sprawls posing significant threats, solutions like passwordless authentication and rigorous application monitoring become essential. The onus now lies with companies to adopt these progressive methods, safeguarding their digital assets and ensuring a secure online environment for all.
