Articles on Authentication

Below are my perspectives on Authentication, drawn from my work as a security leader and practitioner.

• Authentication What to Do With Products Without SSO?
  Single Sign-On (SSO) acts as a crucial chokepoint for modern defense, centralizing authentication to enforce security measures and monitor access. When purchasing SaaS products without SSO,...
• Cloud Withholding Single Sign-On from SaaS Customers is Bad for Business and Security
  Many SaaS vendors restrict Single Sign-On (SSO) to their most expensive enterprise tiers, a practice that undermines the security of smaller customers. This pricing strategy is misguided, as SSO is a...
• Cloud Untangling the Complexity of SaaS Ownership in the Enterprise
  The ease with which employees can adopt SaaS applications creates a visibility and governance gap for IT and security teams. Addressing this complexity involves documenting roles and...
• Privacy Unemployment Insurance Fraud and Identity Theft: Up Close and Personal
  Scammers are using stolen personal information to file fraudulent unemployment claims, opening bank accounts in victims' names to receive payments. Victims typically discover the fraud when they...
• Authentication Cybersecurity Advice for Political Campaigns
  Short-lived political campaigns rarely build formal security programs and often assume they're too small to attract serious attackers, but campaigns across the United States have been targeted by...
• Social Engineering How to Send Customer Emails That Don't Look Like Phishing
  Customer emails that look like phishing weaken the recipient's ability to distinguish real messages from fraud. Secure customer email must shift the burden from the recipient's eye to authentication...