In recent years, Office 365 has become one of the leading cloud-based business applications. In fact, recent numbers show there are over 60 million commercial users of Office 365 and Microsoft are adding roughly 50,000 small businesses to the offering each month. With this high adoption, it is no wonder why it has become one of the most requested applications for Single Sign-On (SSO), edging out the predominate SaaS offering, Salesforce.
Ever notice something about surveys? While there are plenty out there about the threats rising on the IT landscape, there isn't always useful information about the controls and techniques leaders are using to stop them. And that's what we really want to know, right? Finding out where other organizations are struggling and where they're succeeding, and how they're approaching attacks, can provide a roadmap to strengthening your own security program.
One of the largest challenges that organizations face when implementing multi-factor authentication is user adoption. Balancing user experience against security has always been a difficult task and seems to be getting harder every day for security organizations around the globe. One of the largest hits to multi-factor adoption has been against SMS (AKA Text Message) delivery of One-Time Passcodes.
The general consensus appears to be that two factor authentication is the answer to our authentication needs. Be that from usage of consumer sites in our personal lives or as part of our daily requirements when signing into enterprise infrastructure and applications at work.
It is refreshing to finally see a continued movement away from applications relying solely on usernames and passwords. This is a fantastic step in the right direction in protecting our own identity information from being misused.
Have you ever tried to get some critical work done, only to be challenged by the system to change your password? Have you ever been locked out because you can’t remember which of your passwords goes with which application? Have you ever succumbed to the temptation to write your passwords down, security policies be damned? And has ‘forgot my password’ become part of the login process for less frequently accessed sites and applications?
You’re not alone. There are even new names for what we’re all feeling, ranging from “password fatigue” all the way to “password rage.”
At SecureAuth, we know that constant innovation is needed in security to stay ahead of the evolving threat landscape. Recently, we added some crucial features to our RADIUS server support: IP based threat detection, Geo-Location, and Geo-Velocity – all parts of SecureAuth adaptive authentication. The reason is simple, to stop attackers from using stolen credentials to access critical resources like a corporate VPN.
To understand why these features are crucial to a security strategy, let’s look a little deeper into the anatomy of an attack.