Future of Work News Free eNews Subscription

Need to Break Phishing Hooks? Release the Secret Double Octopus

By

IT teams fine-tune security measures constantly to prevent attacks. Still, for the amount of investment put into cybersecurity, bad actors manage to cause chaos by tricking users into giving up secrets through sophisticated phishing attacks.

Phishing attacks are commonly seen in the form of email in an attempt to receive personal information and passwords. With MFA being more widely implemented, attackers are expanding phishing attempts against enterprises by leveraging man-in-the-middle tooling and push fatigue strategies to bypass traditional MFA.

The reason attackers manage to get in even with traditional MFA implemented is simple. Traditional MFA still contains passwords and most passwords get managed by users. Users with these secrets are susceptible to phishing attacks.

This requires customers with password-centric directory infrastructure to move in a new direction with MFA – maybe toward passwordless authentication. Secret Double Octopus’ phishing-resistant passwordless authentication eliminates passwords from users’ authentication process, which effectively removes them as targets.

SDO’s Octopus Authenticator offers phishing-resistant capabilities, whether online or offline, that enterprises can leverage immediately without the need to re-architect applications or identity directory infrastructure. Most importantly, with the platform, one cause of cyberattacks and data breaches is eliminated with a 360-degree passwordless authentication solution for the workforce.

“We are unveiling these critical capabilities for our customers to fight back the phishing menace,” said Shimrit Tzur-David, co-founder and chief security officer of SDO. “Our first step is to decouple the user from passwords, so IT can increase agility and control on the path to modernizing the identity infrastructure.”

The release enables elimination of end user use of passwords with biometric mobile push, FIDO2 and legacy smart card certificates while working with password directories.

As a result, enterprise applications and services work as they did, but meeting passwordless and phishing-resistance requirements such as the Presidential Executive Order M-22-09’s phishing-resistant MFA mandates.




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Author Info
Greg Tavarez

Future of Work Contributor

Click here to read full bio

SHARE THIS ARTICLE

Related Articles

4 Key GFI Products Now Powered by AI

By: Greg Tavarez    4/23/2024

GFI announced the integration of its CoPilot AI component into four of its core products.

READ MORE

A Winner's Mindset: Alan Stein Jr. Helps Businesses Build Winning Teams

By: Alex Passett    4/22/2024

At SkySwitch Vectors 2024 in downtown Nashville, Tennessee, last week, the keynote speaker was Alan Stein Jr. He stylishly presented to the Vectors au…

READ MORE

Atomicwork and Cohere Partner on AI-Powered Workplace

By: Greg Tavarez    4/22/2024

Atomicwork launched its innovative digital workplace experience solution, co-developed with Cohere.

READ MORE

Hybrid Work Fuels Demand for SASE, Zero-Trust Security

By: Greg Tavarez    4/16/2024

Around 80% of respondents said hybrid work is driving the need for SASE and zero-trust networking tools, according to an Aryaka report.

READ MORE

Akooda Announces New AI-Powered Enterprise Search Platform

By: Tracey E. Schelmetic    4/15/2024

Operations intelligence solutions provider Akooda recently announced its AI-powered Enterprise Search platform, which it noted was designed to allow e…

READ MORE
VIEW ALL