Future of Work News

Need to Break Phishing Hooks? Release the Secret Double Octopus


IT teams fine-tune security measures constantly to prevent attacks. Still, for the amount of investment put into cybersecurity, bad actors manage to cause chaos by tricking users into giving up secrets through sophisticated phishing attacks.

Phishing attacks are commonly seen in the form of email in an attempt to receive personal information and passwords. With MFA being more widely implemented, attackers are expanding phishing attempts against enterprises by leveraging man-in-the-middle tooling and push fatigue strategies to bypass traditional MFA.

The reason attackers manage to get in even with traditional MFA implemented is simple. Traditional MFA still contains passwords and most passwords get managed by users. Users with these secrets are susceptible to phishing attacks.

This requires customers with password-centric directory infrastructure to move in a new direction with MFA – maybe toward passwordless authentication. Secret Double Octopus’ phishing-resistant passwordless authentication eliminates passwords from users’ authentication process, which effectively removes them as targets.

SDO’s Octopus Authenticator offers phishing-resistant capabilities, whether online or offline, that enterprises can leverage immediately without the need to re-architect applications or identity directory infrastructure. Most importantly, with the platform, one cause of cyberattacks and data breaches is eliminated with a 360-degree passwordless authentication solution for the workforce.

“We are unveiling these critical capabilities for our customers to fight back the phishing menace,” said Shimrit Tzur-David, co-founder and chief security officer of SDO. “Our first step is to decouple the user from passwords, so IT can increase agility and control on the path to modernizing the identity infrastructure.”

The release enables elimination of end user use of passwords with biometric mobile push, FIDO2 and legacy smart card certificates while working with password directories.

As a result, enterprise applications and services work as they did, but meeting passwordless and phishing-resistance requirements such as the Presidential Executive Order M-22-09’s phishing-resistant MFA mandates.

Edited by Erik Linask

Future of Work Contributor

Related Articles

RingCentral DaaS: Hardware Management via Single-Vendor Procurement

By: Alex Passett    1/25/2023

The new Device-as-a-Service (DaaS) offering from RingCentral provides a plethora of benefits to customers, including lower upfront hardware costs from…


Kroger Better Utilizes Associates' Talents with Google Cloud and Deloitte Assistance

By: Greg Tavarez    1/25/2023

Kroger is working with Google Cloud and Deloitte to create two purpose-built applications to enhance associate productivity.


Responsible Technology Becomes Pressing Need

By: Greg Tavarez    1/23/2023

Almost three-fourths of business leaders believe that "responsible technology considerations will eventually come to equal business or financial consi…


Unified Office to Exhibit at Future of Work Expo Florida 2023

By: TMCnet News    1/23/2023

Future of Work Expo explores how artificial intelligence and machine learning can improve business applications, communications, collaboration, contac…


Windstream Partners with AWS for Better Virtual Meeting Experiences

By: Stefania Viscusi    1/20/2023

Windstream Communications, has partnered with Amazon Web Services, Inc. (AWS) to provide users of its Enterprise OfficeSuite Live with a way to meet s…