Zero-Trust Network Access
Zero-Trust Network Architecture. ZTNA. Moving the security from perimeter-based to user+resource based.
OAuth 2.0 has simplified authentication and authorisation for many applications, shifting from custom code to simple library import. However, as more applications come to rely on it, this makes its weaknesses more interesting. An attacker can gain access to a broader set of data via a smaller set of tactics and techniques. First let's understand the threat areas, and then the best current practices for addressing them.
Joint Ventures: Good Business strategy, complex access strategy. Does one VPN to the other? Dual accounts? Zero Trust Federated Identity FTW!
The myth of the VPN, the Firewall as the only and best method of remote access has lived for 20 years. Let’s retire it together.
I discuss the myth, and an outbound-only, no-firewall-reconfiguration, no-client method of achieving your goals of happier, productive users accessing their data and applications.
Single Sign On with Microsoft Dynamics. First decide what this means, and to whom it means what.
Then find a way to federate their natural, native identity providers together.
A philosophy that allows you to reduce cost, increase security, and increase user engagement and satisfaction. All 3 at once. Sounds crazy?
Trust-On-First-Use for enrolling multi-factor authentication can improve your security for lower cost.
Sounds like a win to me!
VPN slow? It might be your friends using YouTube and Spotify. Ration bandwidth? Split Horizon? We recommend door #3: Zero Trust, Internet Exposed, Direct.
A sudden influx of remote workers is stressing the VPN. That stateful device struggles. Consider a future switch to Zero-Trust, secure remote access with it.
Somewhere in your basement lurks a challenge. A web application that people need, but you don’t trust. Maybe it’s your timesheet or vacation planner. Maybe it’s your HR policies portal. But you know if it meets the Internet that you’ll be in…
Implement a strong, simple, secure authentication system, including support for 2-factor authentication, without triggering named-user license costs.
Identity: Authenticating a user in a simple, secure way, with two-factor authentication, and allowing the user to interact with the API are the key to success.
Whether your app is municipal, industrial, financial, or just vacation-booking-HR, it needs a strong, 2-factor auth system. Else you teach bad habits.
Passwords. Bits of plain text that end up everywhere in automated systems. etcd. A `secure` way to share secrets. The Internet. A place that everything is guaranteed to end up. This is a toxic brew, read on!
Bad code can come in through our own import statements and software process. Do you run an egress firewall to protect the world from yourself?