Kiss passwords G00dby3

Issue 2 2021 Editor's Choice

Cisco Secure unveiled the future of simple and effective security with infrastructure agnostic, passwordless authentication by Duo. Integrated seamlessly into the existing Duo authentication experience used by more than 25 000 organisations globally, Duo passwordless authentication will enable enterprise users to skip the password and securely log into cloud applications via security keys or biometrics built into modern laptops and smartphones.

The consequences of using passwords are well known. Passwords are easily compromised and difficult to manage, costing enterprises billions of dollars annually. Users are inundated with passwords in their personal and professional lives. Password reset requests comprise the lion’s share of IT help desk tickets, resulting in lost productivity for users and increased support costs for the business.

Duo passwordless authentication is part of Cisco’s zero trust platform, securing access for any user, from any device, to any IT application or environment. The product is designed to be infrastructure agnostic, paving the way to a passwordless future while ensuring that enterprises can seamlessly protect any combination of cloud and on-premises applications without requiring multiple authentication products or leaving critical security gaps.

“Cisco has strived to develop passwordless authentication that meets the needs of a diverse and evolving workforce and allows the broadest set of enterprises to securely progress towards a passwordless future, regardless of their IT stack,” said Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group. “It’s not an overstatement to say that passwordless authentication will have the most meaningful global impact on how users access data by making the easiest path the most secure.”

Duo passwordless authentication will:

Simplify and strengthen authentication for accessing cloud applications protected by Duo single sign-on (SSO), third-party SSO and identity providers, by leveraging security keys and platform biometrics such as Apple FaceID and TouchID, and Windows Hello. Pairing passwordless authentication with Duo SSO enables organisations to consolidate hundreds of passwords and authentications into one easy login for users to cloud applications.

Provide one security tool for all authentication scenarios thanks to Duo’s compatibility with hundreds of applications and identity providers, with no infrastructure change required.

• Reduce the risk of password-related threats and vulnerabilities such as phishing, stolen or weak passwords, password reuse, brute-force, man-in-the-middle attacks and password database compromise.

• Add layers of security to the authentication with device health and behaviour monitoring controls via Duo’s secure access product suite, further reducing risk in the event a biometric is stolen or not effective.

• Reduce administrative burden of password-related help desk tickets and password resets.

“Cisco is well-positioned to accelerate the adoption of passwordless authentication as enterprises seek to alleviate the password-related headaches that for years have plagued their users and IT teams,” said Jay Bretzmann, programme director for Identity & Digital Trust and Cloud Security, IDC. “While the transition will be a process for organisations due to legacy infrastructure, passwordless authentication is a key stepping stone to enabling a zero-trust security architecture and a feature that organisations must begin looking into.”

Workforces are ripe for the adoption of passwordless authentication. According to the 2020 ‘Duo Trusted Access Report’, 80% of mobile devices used for work have biometrics configured, up 12% the past five years.

Duo passwordless authentication leverages the Web Authentication (WebAuthn) standard, based in asymmetric cryptography, enabling biometrics to be securely stored on and validated by the device, locally, as opposed to a centralised database. Duo helped drive WebAuthn’s ratification as an official web standard and adoption across platforms as a member of the World Wide Web Consortium (W3C) working group.

“Passwordless is a journey requiring incremental changes in users and IT environments alike, not something enterprises can enable overnight,” said Wolfgang Goerlich, advisory chief information security officer, Duo Security at Cisco. “Duo can help enterprises transition their environments and workforces securely and minimise user friction while simultaneously increasing trust in every authentication.”

Duo’s security practices are built on ISO 27001, NIST’s Cyber Security Framework and AICPA’s Trust Service Principles, and are designed to meet GDPR and other privacy laws around the world. Duo is committed to the highest level of security for its customers – both public and private, and currently holds SOC2 Type II, ISO27001:2013, ISO27017:2015, and ISO27018:2019 certifications, as well as being FedRAMP authorised.

Duo passwordless authentication will be available for public preview in the second half of 2021.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

FortiGuard labs reports disruptive shift of cyber threats
Issue 1 2021 , Editor's Choice
Threat intelligence from the second half of 2020 demonstrates an unprecedented cyber-threat landscape where cyber adversaries maximised the constantly expanding attack surface to scale threat efforts around the world. Adversaries proved to be highly adaptable, creating waves of disruptive and sophisticated attacks.

Read more...
The year resilience paid off
Issue 8 2020 , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions spoke to Michael Davies about business continuity and resilience in a year when everything was put to the test.

Read more...
Retail solutions beyond security
Issue 8 2020, Axis Communications SA, Technews Publishing, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring
The need for security technology to deliver more than videos of people falling or stealing from retail stores is greater than ever.

Read more...
Smart healthcare
Issue 2 2021 , Editor's Choice
In the past year, hospitals, elder care and other healthcare facilities have found themselves overwhelmed with new patients, COVID-19 regulations and other side effects of the pandemic. As efforts focused ...

Read more...
Platform-based access management solution
Issue 2 2021, ASSA ABLOY South Africa , Editor's Choice
Available in South Africa and throughout sub-Saharan Africa, new Incedo Business connects all your security software and hardware within one platform. You can easily scale it up or down, based on your needs, to keep your people moving and your business growing.

Read more...
FS Systems celebrates 50 years
Issue 2 2021 , Editor's Choice
This year, FS Systems celebrates 50 years in the fire detection and enterprise security market, successfully executing projects in over nine countries in Africa and LATAM.

Read more...
Formative AI and distributed cloud among four megatrends revealed at MIPS 2021
Issue 2 2021, Milestone Systems , Editor's Choice
Almost 4000 participants representing end customers, technology partners and media from across the globe attended the first virtual MIPS conference, held over two days in March 2021.

Read more...
200 000 daily access transactions
Issue 2 2021, Impro Technologies , Editor's Choice
The University of KwaZulu-Natal’s legacy access control system was suffering from increasingly limited support, both in terms of hardware and software, with maintenance becoming a pressing concern as it on-boards approximately 9000 new students each year across five campuses.

Read more...
Do not take the bait
Issue 2 2021 , Editor's Choice
Banks are unable to fully protect consumers from falling prey to the tactics used by fraudsters to obtain confidential information such as banking details, card information and one-time-pins.

Read more...
INTERPOL supports the Coalition Against Stalkerware
Issue 2 2021 , Editor's Choice
The International Criminal Police Organisation (INTERPOL) is set to enhance the ability of the global law enforcement community by allowing them to investigate the use of stalkerware and support victims who require assistance.

Read more...