NEW YORK--(BUSINESS WIRE)--Beyond Identity, the leading provider of passwordless, phishing-resistant MFA, today announced the formal release of ‘Zero Trust Authentication’ (ZTA) as a subcategory of zero trust technology, together with the launch of the Worldwide Zero Trust Leadership series of events that will run throughout 2023. Bringing together industry-leading security technologies and integrators, Beyond Identity, Palo Alto Networks, CrowdStrike, Optiv, World Wide Technology, Guidepoint Security, BeyondTrust, Ping Identity and Climb Channel Solutions will enable organizations to move towards secure authentication designed to advance the zero trust strategies of global 5000 companies.
Zero Trust Authentication has been developed in response to the failure of traditional authentication methods – a problem exacerbated by the increasing number of cyberattacks. Adopting Zero Trust Authentication will allow organizations to overcome the limitations of passwords and legacy multi-factor authentication (MFA) and implement more robust security strategies. To achieve this, the Zero Trust Authentication approach includes components such as Beyond Identity's risk scoring and continuous authentication capabilities, which significantly enhances the level of protection offered.
"In working with leaders across the security ecosystem, it became apparent to us that the industry needs to formally bring identity and access management into the security fold to continuously deliver the highest level of security around users and devices,” said Tom Jermoluk, Chief Executive Officer and Co-Founder of Beyond Identity. “We are bringing together the leaders from the essential technology categories to ensure authentication decisions are risk based and continuously informed with signals from the wealth of existing cybersecurity tooling. Through close technology collaboration and now go-to-market collaboration in this Zero Trust Leadership series, we are delivering strong authentication built for an ‘always on’ zero trust world coupled with the practical advice and best practices so that enterprises can finally close identity and access management vulnerabilities.”
"Year after year, Identity and authentication vulnerabilities remain the single largest source of ransomware and security breaches, so something has to fundamentally change to close this vulnerability and enable organizations to meet the security mandates issued by the White House, NIST and CISA,” said Dr. Chase Cunningham, better known as a co-creator of the Zero Trust Extended framework and as Dr. Zero Trust. “The Zero Trust Authentication approach eliminates weak authentication factors and optimizes user and device access decisions with risk signals from a variety of installed cyber security tooling because Zero Trust is a team sport, and this enables organizations to effectively shut the door on the single largest initial attack vectors adversaries routinely rely on."
The Zero Trust Leadership Series kicks off with the ‘The Bridge to Zero Trust’ virtual event on March 15th, 2023, which will bring together zero trust industry leaders, including CISOs from leading organizations, technology providers, advisors and solution providers. Attendees will learn how to combine identity, authentication, network architecture, endpoint detection and response technologies to strengthen their cybersecurity efforts and gain practical insights and best practices that will enable Identity and Security teams to stay ahead of attackers and out of the headlines and advance their zero trust security efforts.
Among the organizations supporting Zero Trust Authentication are identity leaders Ping Identity and Beyond Trust, cybersecurity leaders Palo Alto Networks and CrowdStrike, security integrators World Wide Technology and Optiv, technology distributor Climb Channel Solutions, and industry associations including the Cloud Security Alliance and the FIDO (Fast Identity Online) Alliance.
“Delivering continuous verification of identity — user and devices — is essential to meeting the promise of zero trust,” said Jay Bretzmann, Research Vice President, Security Products at IDC. “Beyond Identity has taken the approach to utilize signals from security infrastructure in near real-time to raise the security standard and capitalize on existing security infrastructure investments in EDR and SASE tools.”
“Accelerating effective and leading cybersecurity programs requires a zero trust approach,” said Marcos Christodonte II, Global CISO of CDW. “The notion of Zero Trust Authentication represents a significant advancement in authentication security—coupling identity-centric and network-centric capabilities to provide a comprehensive, policy-driven approach that continuously safeguards data and systems amidst a tenacious cyber threat landscape.”
Zero Trust Authentication Requirements
Beyond Identity, together with zero trust leaders, has defined a set of practical requirements that any organization can use to measure their current identity practices and adopt to insulate their workforces and customers from everyday attacks. These include:
1. Passwordless – No use of passwords or other shared secrets, as these can easily be obtained from users, captured on networks, or hacked from databases.
2. Phishing resistant – No opportunity to obtain codes, magic links, or other authentication factors through phishing, adversary-in-the-middle, or other attacks.
3. Capable of validating user devices – Able to ensure that requesting devices are bound to a user and authorized to access information assets and applications.
4. Capable of assessing device security posture – Able to determine whether devices comply with security policies by checking that appropriate security settings are enabled, and security software is actively running.
5. Capable of analyzing many types of risk signals – Able to ingest and analyze data from endpoints and security and IT management tools.
6. Continuous risk assessment – Able to evaluate risk throughout a session rather than relying on one-time authentication.
7. Integrated with the security infrastructure – Integrating with a variety of tools in the security infrastructure to improve risk detection, accelerate responses to suspicious behaviors, and improve audit and compliance reporting.
Beyond Identity is the only solution addressing all key zero trust authentication requirements. Together with its partners, it is bringing this practical advice directly to customers and channel partners, starting with the virtual event, to major events like RSA and Black Hat, and key cities across North America and Europe over the balance of 2023. For the industry at large, it's delivering a category-defining book, titled Zero Trust Authentication, which details the specific capabilities, requirements, policies and best practices to materially advance zero trust.
About Beyond Identity
Beyond Identity is revolutionizing digital access for organizations looking to improve protection against cyber attacks and deliver the highest levels of security for their workforces, customers and developers. The company’s suite of passwordless, phishing-resistant, and Zero Trust Authentication solutions improves security and user experience. The platform delivers continuous risk-based authentication incorporating signals from the zero trust ecosystem to ensure only valid users and secure devices gain or maintain access to critical resources. Companies like Snowflake, Unqork, and Roblox rely on Beyond Identity’s highly available cloud-native platform to thwart attacks and advance their zero trust strategies. To learn more about Beyond Identity’s FIDO2 certified multi-factor authentication (MFA) solutions, visit beyondidentity.com and stay connected with us on Twitter, LinkedIn, and YouTube.
Partner and Industry Quotes:
“Palo Alto Networks is dedicated to providing our customers with best-in-class cybersecurity platforms and services that are backed by industry-leading threat intelligence and state-of-the-art automation,” said Pamela Cyr, vice president Technical Partnerships at Palo Alto Networks. “A Zero Trust strategy should consider the full ecosystem of controls that organizations rely on for protection, and authenticating identity is step one in achieving better security outcomes. By collaborating with Beyond Identity, we’re giving customers choice in their approach to authentication security that aligns with our commitment to providing next-generation cybersecurity.”
WWT: “As the world shifts towards Zero Trust, we require innovative technology that enables customers to meet cybersecurity objectives. At WWT, we have a passion and vision for advanced technology that moves the needle for businesses toward a brighter and more secure digital future. We look forward to collaborating with Beyond Identity on this to encourage organizations to modernize their infrastructure, defend against routine password and MFA bypass attacks, and stay ahead of hackers.” - Chris Konran, Area Vice President, Global Cyber, World Wide Technology
Cloud Security Alliance: “Companies today are struggling to understand user identity and to the security risk posture of all of the devices they use, opening applications and users themselves up to a myriad of security vulnerabilities,” said Jim Reavis, CEO of Cloud Security Alliance. “By incorporating information from security technologies already deployed, companies moving to Beyond Identity's Zero Trust Authentication solution can close these vulnerabilities and strengthen their overall security posture.”
Optiv: “Optiv is committed to helping organizations minimize risk with strategic and technical cybersecurity expertise, solutions and services. We identify our clients’ unique business challenges and advise, deploy and operate complete cybersecurity programs fit to their needs. Through our partnership with Beyond Identity, we’re innovating a new approach to authentication security to protect critical assets and accelerate solutions.” - James Bonifield, Practice Leader for Digital Access Management at Optiv
Climb Channel Solutions: “Zero Trust is the sum of identity assurance plus device security. Since passwords are hackable and the cause of over 70% of all current breaches, organizations simply cannot achieve Zero-Trust objectives if they use traditional passwords.” said Dale Foster, CEO of Climb Channel Solutions, a leading edge technology distributor. “As a leading distributor of cybersecurity solutions, we look for best-in-class solutions present a sizeable market opportunity for the thousands of value-added resellers we serve, and we believe Beyond Identity’s Zero Trust Authentication solution as just such a solution to a clear, growing and unmet market need.”
FIDO Alliance: “To achieve Zero Trust, most organizations are going to have to rethink their approach to identity and authentication. The FIDO Alliance is setting the standard for phishing-resistant, cryptography-based authentication and looks for technology leaders to bring innovative, implementation-ready solutions to market that utilize our foundational capabilities. Beyond Identity’s solutions are a great example of how FIDO standards can be combined with other enterprise-ready features to advance the zero trust security agenda.” - Andrew Shikiar, Executive Director and CMO, FIDO Alliance.
BeyondTrust: “BeyondTrust is committed to offering a seamless approach to preventing data breaches related to stolen credentials, misused privileges, and compromised remote access - empowering organizations to easily scale privilege security as threats evolve. When it comes to authentication, a zero trust approach ensures all access is appropriate, managed, and documented, regardless of how the perimeter has been redefined, and authentication plays an important role in enabling these requirements. We look forward to working together with Beyond Identity, a member of our Technology Alliance Partner Program, to help educate the market on how zero trust strategies can be used to achieve cybersecurity goals. This partnership with Beyond Identity will help spread this message so we can ensure comprehensive protection against cyberthreats.” – Rob Spee, SVP, Global Channel and Alliances, BeyondTrust
Ping identity: “We enable enterprises to deliver seamless and secure digital experiences to their employees and customers,” said Loren Russon, SVP of Products and Technology at Ping Identity. “We’re honored to collaborate in this zero trust leadership series to ensure organizations adopt secure authentication solutions necessary to safeguard against advancing threats in the digital world.”