{"id":91479,"date":"2020-07-02T11:00:29","date_gmt":"2020-07-02T18:00:29","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=91479"},"modified":"2023-05-15T23:11:05","modified_gmt":"2023-05-16T06:11:05","slug":"world-authentication-identity-oyster","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/07\/02\/world-authentication-identity-oyster\/","title":{"rendered":"The world is your authentication and identity oyster"},"content":{"rendered":"

This blog post is part of the Microsoft Intelligent Security Association guest blog series<\/a>. To learn more about MISA, go here<\/a>.<\/em><\/p>\n

The world is your authentication\/identity oyster<\/h3>\n

If you\u2019re older than 10 years of age you\u2019ve undoubtedly heard the phrase \u201cThe world is your oyster.\u201d This basically means that you are able to take the opportunities that life has to offer. Nothing could be a more accurate description of technology in the world today. Now if we take some liberties with that phrase, we could also say that \u201cthe world is your authentication\/identity oyster.\u201d There are countless options available to organizations for how they want to execute on their vision.<\/p>\n

For too long we\u2019ve been collectively saddled with the prospect of passwords as one of the default authentication protocols. This has proven itself to be a standard in many respects. We\u2019ve been taught for decades that passwords are some level of security that can be implemented to protect websites and so forth. This is an unfortunate notion that we need to dispel.<\/p>\n

The problem here is that passwords have come to a point where they need to be replaced with an advanced system of security for authentication. Let\u2019s take this as an example: if someone knows a password, that by no means establishes who the person using it is. Yes, there is some understanding of trust as to who has the use of said password, but over the years I\u2019ve learned that this is by no means a guarantee. As an example, 86 percent of breaches were financially motivated, according to the 2020 Verizon DBIR.<\/p>\n

When attackers manage to compromise a website, they will reuse the credentials that they capture in a bid to increase their access to other websites, simply because they understand that people are creatures of habit and will reuse the same password in multiple places to reduce the mental fatigue that comes with trying to remember them all. Even when I check my own password manager application, I note that I have over 900 passwords alone. It is of little surprise that people still write them on post-it notes to this very day.<\/p>\n

There are so many options available to remedy our password predicament. MFA is an excellent example of how to move forward with a better solution to authentication. When we look at something such as MFA we have to understand that there is a culture shift involved. Eighty percent of security breaches involve compromised passwords. People can be hesitant and resistant to change but will embrace that change when security has been democratized.<\/p>\n

If it is easy for a non-technical person to use, they will adopt it and, by extension, improve the security of your organization. Case in point: my mother, as an example, can use the Duo app to authenticate to her email and other applications. When you have applications written for engineers by engineers in the hands of the layperson, you can imagine how that will end. The security tools need to be easy to use.<\/p>\n

If you\u2019re using a push-based application or even something with the W3C WebAuthn open standard, which can leverage an API to replace passwords, you can improve the security of your organization by removing passwords from the mix. Using technologies such as this in conjunction with Azure AD<\/a>, as an example, will reduce the risk to an organization. You would have authenticated users accessing your systems without having to wonder if the person with the password logging in from a coffee shop in London, New York, or Toronto is in fact who you assume they should be.<\/p>\n

The tools are at your disposal today to improve your security posture, reduce risk, and ultimately reduce costs when users can self-manage. When security technology has been democratized, it leads to wider adoption by techno-savvy users and luddites alike.<\/p>\n

Ready to get started?<\/strong> Sign up for a free trial at signup.duo.com<\/a>.<\/p>\n

Want to learn more about Duo and Microsoft together?<\/h3>\n