Blog

  • Poodle Vulnerability

    A security vulnerability affecting SSL 3.0, known as “POODLE”, was recently disclosed to the public. This is an industry-wide vulnerability which affects the SSL 3.0 protocol itself. SecureAuth IdP appliances are shipped with SSL 3.0 enabled to ensure backwards compatibility with legacy customer product, therefore are vulnerable to the POODLE exploit. At this time the

  • Single Sign-on Solutions Explained

    Single Sign On solutions are usually sought because they can reduce IT help desk costs and increase productivity. But there are also security benefits to consider as well. Single Sign On (SSO) can enable users to create much more complex passwords. This assumes that SSO users only have to remember one password, and that most

  • The Identity Issue: October 9, 2014

    The Identity Issue is a monthly newsletter brought to you by SecureAuth. It includes company and industry articles to inform our community of the latest in security news, trends and culture.   A Quick Guide to Authentication for VPNs  Typically utilized to grant wide access to protected resources when outside the organization’s physical walls, VPNs are

  • IDC – Dynamic User Authentication: Smarter Security to Protect User Authentication

    Request a Free Copy of This Report In this paper, Pete Lindstrom, Research Director, Security Products at IDC explores the emerging trends in technology, authentication and the threat landscape that are driving a need for stronger user access control. He then walks through the traditional authentication factors of something you know, something you have, and

  • Intelligent Multi Factor Authentication – The Next Level

    The Borderless Enterprise As organisations grapple with ever increasing challenges around BYOD and information everywhere, the authentication process becomes ever more important as we move further into the realms of the borderless enterprise. Traditional Multi Factor authentication is now recognised as a minimum requirement in protecting an organisation. Inevitably, as measures are put in place,

  • Is SecureAuth Impacted by the “Bash Bug” Vulnerability (CVE-2014-7169)?

    A critical vulnerability has been reported in the GNU Bourne Again Shell (Bash) by security researchers. Known as Bash Bug or Shellshock, the GNU Bash Remote Code Execution Vulnerability impacts GNU Bash versions 1.14 through 4.3. This flaw allows attackers to provide specially crafted environment variables containing arbitrary commands that can be executed on vulnerable

  • Two Factor Authentication for VPN Trends and Use Cases

    According to a story by the Harvard Business Review, contract workers will one day comprise 25% of the total U.S. workforce. But what does this have to do with VPN Authentication? Everything. Another trend is mobile workers. According to Gartner, 89% of companies have a BYOD policy, and the Bureau of Labor Statistics estimates that 24% of

  • A Quick Guide to Authentication for VPNs

    How Secure Is Your VPN? The Virtual Private Network (VPN) has been a staple of corporate productivity since the 1990s for employee remote access.  Typically utilized to grant users wide access to protected resources when outside of the organization’s physical walls, VPNs are vital for corporate productivity, while at the same time present a thorn

  • The Identity Issue: September 4, 2014

    The Identity Issue is a monthly newsletter brought to you by SecureAuth. It includes company and industry articles to inform our community of the latest in security news, trends and culture.   Risk-based Authentication and More with IdP 8.0  To augment the security of the authentication process, risk-based authentication takes into account several factors in calculating

  • Are Passwords a Thing of the Past?

    This article published last week from the BBC: http://www.bbc.com/news/technology-28891938  quotes Dr. Ant Allan – an authentication expert at Gartner, and outlines some of the future alternative methods of authentication that could be used as a substitute for the traditional password. The article discusses password alternatives, such as biometrics – which we’re already starting to see