Articles on Authentication

Below are my perspectives on authentication, drawn from my work as a security leader and practitioner.

• Authentication What to Do With Products Without SSO?
  Single Sign-On (SSO) acts as a crucial chokepoint for modern defense, centralizing authentication to enforce security measures and monitor access. When purchasing SaaS products without SSO,...
• Cloud Withholding Single Sign-On from SaaS Customers is Bad for Business and Security
  Many SaaS vendors restrict Single Sign-On (SSO) to their most expensive enterprise tiers, a practice that undermines the security of smaller customers. This pricing strategy is misguided, as SSO is a...
• Cloud Untangling the Complexity of SaaS Ownership in the Enterprise
  The ease with which employees can adopt SaaS applications creates a visibility and governance gap for IT and security teams. Addressing this complexity involves documenting roles and...
• Privacy Unemployment Insurance Fraud and Identity Theft: Up Close and Personal
  Scammers are using stolen personal information to file fraudulent unemployment claims, opening bank accounts in victims' names to receive payments. Victims typically discover the fraud when they...
• Authentication Cybersecurity Advice for Political Campaigns
  Political campaigns face attacks from cybercriminals and nation-state actors who steal credentials, intercept communications, and exploit weak IT configurations. Countermeasures include enabling...
• Authentication Face Recognition and Locking Your System: You Say Goodbye and I Say Hello
  Facial recognition login features like Windows Hello can automatically unlock a computer moments after you've locked it if the camera spots your face. Implementing a slight delay before facial...