04.16.2020 - Pros and Cons of Using an IDaaS Solution
Identity as a Service (IDaaS) is an authentication service provided by a third party via the cloud. Third-party providers offer various services like IDaaS through web connections so a company can outsource these services rather than managing them in-house. IDaaS is used to verify who users are and whether they have permission to access files, software or other resources. An organization can pay a subscription fee to the provider for cloud-based IDaaS applications. ...
10.16.2019 - KuppingerCole Analyst Executive View: Optimal IdM and The OptimalCloud™
The IDaaS market has evolved over the past few years and is still growing, both in size and in the number of vendors. However, under the umbrella term of IDaaS, we find a variety of offerings. IDaaS, in general, provides Identity & Access Management capabilities as a service, ranging from Single Sign-On to full Identity Provisioning for both on-premise and cloud solutions. These solutions also vary in their support for different groups of users – such as employees, business partners, and customers – their support for mobile users, and their integration capabilities back to on-premise environments. ...
10.15.2019 - Customer Experience Starts at Your Registration Screen
Social sign-ons are not meant to and should not be used to protect sensitive assets. Of greater concern is that data sharing is a two-way street. When a company uses single sign-on, it gets information such as email addresses and geographical locations from the social network; however, it also may be giving information about its users’ behaviors back to the social network. Businesses should understand which user information they are sharing when they agree to the terms of the social network.
09.17.2019 - Behavioral Biometrics Explained
A useful and growing field in the area of identity authentication is biometrics. The three major accepted factors for identification are knowing something, having something and being something. A person can identify themselves through demonstrating a secret piece of knowledge such as a password or PIN, producing an access card, fob or key or presenting something that is a part of them, like their fingerprint. The last category is what we mean when we talk about biometrics. ...
07.30.2019 - Authentication 101: Your Basic Guide to Authentication
01.25.2019 - Solutions Review Presents: The Top CIAM Vendors to Watch in 2019
Where to begin listing Optimal IdM’s accomplishments in 2018? Gartner named them to the Access Management, WorldWide Magic Quadrant and the Access Management Critical Capabilities reports. They partnered with TypingDNA to incorporate behavioral biometrics into their MFA, adding an even smoother authentication option to their arsenal. Optimal IdM partnered with Omada earlier this year to leverage identity governance data. Additionally, Gartner recognized Optimal IdM in the “Finding the Right Consumer IAM Products” report. 2019 is a year of promise for Optimal IdM and their CIAM. 
...
01.17.2019 - Typing Biometrics and Other Multi-Factor Authentication Methods: When Passwords Are Not Enough
81% of data breaches are from weak, default or stolen passwords. Leveraging MFA when it’s offered lessens the attack vector for digital identity impersonation attempts. This paper looks at existing MFA options, including biometric typing technology, examines decision factors for MFA and discusses the difference between various authentication methodologies. ...
11.30.2018 - HTTP Header Session Protection
The HTTP protocol was designed as a transport protocol to fetch and return content and to display HTML or other functions. But, HTTP wasn’t designed with authentication security top of mind. Approximately 40% of data breaches originate from attacks on web apps. And many of these breaches are preventable. HTTP header session protection as a part of your SSO solution should be at the forefront of your mind. Access to web/SaaS applications obviously initially requires successful authentication. After your username and password are accepted, authentication between the user and web service (client/server) session is usually maintained by cookies. The cookie allows the server, after successful authentication, to identify and trust the client during the session to allow seamless access to the web service. Many web services are front ends to databases, consumer data and/or corporate user specific data. An attacker, therefore, would just need to steal the cookie to hijack the current authenticated session. HTTP headers provide another layer of security for employees and consumers to guard against a number of attack vectors — including man-in-the-middle attacks (MIM), many cross-site scripting (XSS) attacks, session hijacking, and more. Cross-site scripting (XSS) has been a popular attack vector. In fact, it’s reported that XSS is the most common exploited vulnerability in web applications. XSS are high risk vulnerabilities where a type of code injection is used to hijack a legitimate users’ session. This isn’t a password breach, but a breach in the web session where the user has already successfully authenticated and is interacting with a web service. The HTTP session is hijacked and the attacker is now impersonating a legitimate authenticated user. Users are vulnerable everywhere to these threats but are especially susceptible within public unsecured WiFi networks where attackers can easily extract session cookies. Certainly, you would always also prefer an HTTPS session over an HTTP session, but that won’t necessarily help mitigate some XSS security issues. You need multiple layers of protection. HTTP header session protection is an essential component of a secure web services session; however, HTTP header session protection won’t protect against weak and reused passwords, brute force attacks, phishing attacks and other attacks against the passwords themselves. To mitigate password threats, implement strong authentication using multifactor authentication (MFA). Optimal IdM has a rock solid, agile MFA solution that was named Best MFA Solution of the Year in the GSN Homeland Security Awards. Microsoft reports that only 4% of SaaS storage apps and 3% of SaaS collaboration apps support all HTTP headers session protection. It’s irresponsible for organizations to ignore such large, yet solvable, attack vectors. Today’s sophisticated threat landscape for web and SaaS SSO applications require a vendor who can support modern, strong authentication by leveraging multiple HTTP session protections. Optimal IdM is that vendor. Further, Optimal IdM’s SSO solutions session support protections and encrypt data in transit and at rest. Additional Recommendations ...
08.6.2018 - The Last Watchdog Interview: How Typing and Swiping Nuances Can Verify Your Identity
Q&A: How your typing and screen swiping nuances can verify your identity Optimal IdM speaks with Byron Acohido at The Last Watchdog about behavioral biometrics, specifically using a person’s typing habits as a second form of authentication ...
07.25.2018 - Optimal IdM Partners with Biometric Firm TypingDNA To Extend MFA Offering
Optimal IdM, a leading provider of Identity and Access Management (IAM) solutions, today announced it has partnered with TypingDNA to bring customers a secure biometric option as part of their multi-factor authentication (MFA) solution. TypingDNA’s behavioral biometrics can identify people based on how they type either on a mobile or desktop platform. This is a secondary form of login authentication for users who enter their email address and password. “Having this kind of behavioral authentication extends our MFA offering and strengthens our portfolio,” said Chris Curcio, VP of Channel Sales and Partnerships at Optimal IdM. “We are very excited about our partnership with TypingDNA because of the ease of use and quick implementation they bring to our customer’s current applications.” Raul Popa, CEO of TypingDNA, had this to say about the new partnership, “We are delighted to join Optimal IdM in the mission to accelerate the availability of a ‘no more painful’ authentication. An increasing number of people are and will be authenticated by something they already are naturally doing, such as typing.” ...
