Ever notice something about surveys? While there are plenty out there about the threats rising on the IT landscape, there isn't always useful information about the controls and techniques leaders are using to stop them. And that's what we really want to know, right? Finding out where other organizations are struggling and where they're succeeding, and how they're approaching attacks, can provide a roadmap to strengthening your own security program.
At SecureAuth, we are committed to providing world class strong authentication, with adaptive capabilities, in as many diverse integrations as possible. SecureAuth is dedicated to providing modern, well vetted, and easy to implement Software Development Kits (SDKs) for some of the largest programming languages in wide use at all organizations. With this mission in mind, I was offered the opportunity to help build an SDK for a modern language that we have fallen in love with at SecureAuth: Go (AKA: golang).
The general consensus appears to be that two factor authentication is the answer to our authentication needs. Be that from usage of consumer sites in our personal lives or as part of our daily requirements when signing into enterprise infrastructure and applications at work.
It is refreshing to finally see a continued movement away from applications relying solely on usernames and passwords. This is a fantastic step in the right direction in protecting our own identity information from being misused.
Have you ever tried to get some critical work done, only to be challenged by the system to change your password? Have you ever been locked out because you can’t remember which of your passwords goes with which application? Have you ever succumbed to the temptation to write your passwords down, security policies be damned? And has ‘forgot my password’ become part of the login process for less frequently accessed sites and applications?
You’re not alone. There are even new names for what we’re all feeling, ranging from “password fatigue” all the way to “password rage.”
At SecureAuth, we know that constant innovation is needed in security to stay ahead of the evolving threat landscape. Recently, we added some crucial features to our RADIUS server support: IP based threat detection, Geo-Location, and Geo-Velocity – all parts of SecureAuth adaptive authentication. The reason is simple, to stop attackers from using stolen credentials to access critical resources like a corporate VPN.
To understand why these features are crucial to a security strategy, let’s look a little deeper into the anatomy of an attack.
Earlier this year SecureAuth released a Splunk dashboard that allows Splunk users to get fantastic visualization of their authentication data. (Download free Splunk) Recently when visiting with one of the nation’s most respected children’s hospitals we talked with Mike Brunell on the IT Security team about how they are using the SecureAuth Splunk dashboard to gain actionable data about their environment.