Why CISOs should consider a CARTA approach
What does CARTA (from Gartner) stand for?
CARTA = Continuous Adaptive Risk and Trust Assessment
Zero Trust as a key pillars of CARTA’s approach (Gartner)
One can wonder what’s the difference between CARTA and the Zero Trust model. Both frameworks share several common attributes as they aim to reduce risk and improve access and attack protection.
But CARTA takes the Zero Trust network security model further with among others: adaptive security decisions, contextual access control and continuous monitoring, assessment, discovery and risk prioritization.
Why switch to the Gartner CARTA model
Cloud, Mobile technology and Internet of Things (IoT) are all part of the digital transformation with a common impact: they make static approaches to enterprise security completely irrelevant. As such, to assess, prioritize and remediate vulnerabilities and risks, there is no doubt in the fact that a dynamic and continuous approach is needed.
CARTA's roadmap is a useful way to implement a security program that will defend an ever-expanding attack surface, which is often perimeterless.
Transform user authentication with a CARTA approach
Building a strategy based on the CARTA approach involves looking for products and services that can provide a resilient response to advanced threats and improve the user experience.
Gartner has identified 4 main forces that drive the user authentication market: Cloud, mobile, experience, digitalization. And, as illustrated in the figure below, CARTA is a core component of user authentication.
inWebo MFA aligned with CARTA security model
Although there is no distinct solution for building a Zero Trust environment, Multifactor authentication (MFA), or strong authentication, is a key component to achieving Zero Trust. But for that, it is important to go for a MFA that is natively 2 factor - most legacy “MFA” tools are really only “+1FA” tools.
inWebo MFA is a real 2 factor solution that, thanks to its patented technology, provides the highest level of security on the market while improving the user experience.
72% of organisations are considering adopting a Zero Trust policy in the future or have already done so
Cloud security is becoming an increasingly important investment as companies rapidly adopt cloud services, increasing their exposure to phishing and other attacks. Multifactor Authentication (MFA) is an excellent cloud security tool for professional workforces.
Delivered in SaaS mode, inWebo MFA can be implemented not only on all cloud applications, but also on VPN, PAM, SSO and IAM. A single solution is enough to secure all data entry points, whether internal or external.
Smartphonesless MFA / MFA
MFA strategies usually come with a focus on smartphones. But “mobile MFA” can be a constraint for organizations, users and integrators. inWebo’s technology is the only MFA solution that features a browser token, also known as Deviceless MFA.
This means that end users can authenticate and access their apps, network and data only by using any browser, without the need to have a physical key, a smartphone or company-owned computer, or to install specific hardware or software.
Another advantage of Deviceless MFA is that the same browser can be used by different users who will each have their own authentication. This is very useful on shared computers in order to maintain a high level of connection security and distinguish the various users using the accesses.
One of the challenges of MFA solutions is clearly the login experience. IT teams are looking for a way to provide a fluide and simple user authentication experience for greater user acceptance and to prevent users from bypassing security policies.
85% of IT professionals want their organisation to reduce the number of passwords used on a daily basis
A passwordless connection can be made by means of biometric authentication or by using a PIN code, which is more cyber user-friendly and easy to remember.
Our latest news
A user-friendly login experience (UX) that is as secure as it is simple is often taken for granted, but it is not always easy to achieve. This article...
Passwords alone were once the most secure way to protect important data and documents. This is not the case today. Passwords offer only a limited protection against unauthorised access...
FIC 2022: inWebo presents its new CIAM solution for orchestration and adaptive multi-factor authentication
FIC, the European cybersecurity event, is back from 7 to 9 June 2022 in Lille. The occasion for inWebo to present to the public its new Identity and Access Management offer built on the basis of the...