inWebo Blog: Exploring Authentication, Identity, Privacy, and Security

Should you buy MFA from IAM vendors?

Best-of-breed or packaged, how would you like your MFA?

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

MFA is in the air!

I attended the Gartner IAM Summit in Vegas this week. Great conference, lots of smart and inspiring people. Multi-Factor Authentication (aka MFA or 2FA or 2-factor…) was a frequent topic of discussion, both in the analysts sessions, who did brilliant projections of the market trends – future, present, and past – and in the Access Manager vendors’ booths.

MFA is in the air! It’s hard these days to find any Access Manager that doesn’t come with some MFA features. 2 years ago, it was difficult to find any Access Manager with MFA. Why such a dramatic change? Is packaging MFA with IAM the ultimate approach, as opposed to a best-of-breed one? What are the pros and cons for both approaches from an architecture and a procurement strategy perspective?

Read More

MFA moving to mobile

Why Is Mobile Best Suited for 2FA – Or Not

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

We use routers to move IP packets across the Internet and toasters to get crispy bagels. There are all kinds of brands, versions, and management features, but overall, routing and toasting each use a single technology. Authentication does not, especially when it comes to multi-factor (MFA or 2FA). Why is that, and is Mobile the platform where authentication will eventually converge? Read More

Risks, Compliance, Standards, and MFA

Risks, Compliance, Standards, and MFA

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

In most organizations, security solutions (and in particular MFA, multi-factor authentication) are not requested by the security department or even IT, they are mandated by the risks & compliance team. Indeed, although protecting information systems against intrusions and using specific technology for that sounds obvious, very few companies deploy a protection in anticipation. They more than often delay it until they are required to – or until they are hit so badly that they nearly go out of business (giving recent examples would make this blog post considerably too long).

Read More

Two Birds (Escher)

2FA Or 2SV. Not Just A Tech Talk.

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

Organizations have many different ways of implementing multi-factor authentication (MFA). In particular, some organizations have reused preexisting authentication mechanisms such as Active Directory in their MFA implementation, some have not. However, the applications protected by MFA or the devices used for MFA can’t really explain the variety of MFA implementations. What is it then? History? Geography? Random? More importantly than the reason, what are the benefits and implications of the various approaches?

Read More

Risk-Based Authentication

Why Take Chances? An Approach to Risk Based Authentication

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

A few years ago, the security industry made (another) brilliant marketing move. When the forces reluctant to multi-factor authentication threw what they thought would be their trump card, “But authentication creates friction!”, some leading vendors, instead of polishing their products to improve the user experience, just embraced the argument Read More

Browser-based authentication

Why Browser Based Authentication Makes Sense

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

Multi-factor authentication has become a lot less expensive in the last 5-7 years due to the possibility to replace hardware tokens with mobile Apps, aka “soft tokens”. inWebo was one of the pioneers of this (r)evolution as early as 2008. But this missed a hard fact: since the generalization of WiFi, users accessing applications protected by multi-factor authentication do it almost exclusively from their own device(s) Read More

Las Vegas CES

The Consumerization Of Enterprise MFA

Posted by | inWebo Blog: Exploring Authentication, Identity, Privacy, and Security | No Comments

The odds are that you were first exposed to some form of advanced authentication as an employee when you were given a key-chain token to connect to the company VPN or webmail, or as a customer when you received a code in a short text asking you to confirm a transaction. Although these look like completely different technologies, they have exactly the same single purpose Read More