• man in the middle attacks - Secret Double Octopus

Stopping Man-In-The-Middle Attacks with Cryptography

Man-in-the-middle (MiTM) attacks – where an attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other – are a very real threat, especially when it comes to authentication. Various solutions have been put forward to prevent, or at least manage, this threat. These have met varying levels of success, although it [...]

By |June 14th, 2018|Categories: Articles|Tags: |

Why Passwordless Authentication is Essential for VPN’s

As the modern workforce becomes increasingly more mobile, businesses are allocating more and more on resources to secure remote connections. For years, Virtual Private Networks, or VPNs, have been the standard bearer for remote access. VPNs allow users to transfer sensitive data across a public network as if their devices were directly connected to private one. The New Paradigm Unfortunately, the [...]

  • Identity and access management - secret double octopus

What to Look for in Identity and Access Management Solutions?

Effective identity and access management platform? System? is likely the single most important responsibility for today’s chief information security officers (CiSO). Information and Access Management, or IAM, is the bread and butter of securing a network, ensuring access to data and applications is controlled and uncompromising. IAM plays a vital role in a company’s overall security framework. Having an effective strategy [...]

By |June 11th, 2018|Categories: Articles|
  • Hardware tokens Vs Software Tokens - secret double octopus

Why Are Software Tokens a Better Option

Tokens form an important part of the authentication process. In our previous post, we looked at how tokens fit into this process, and the different types of tokens available. In this piece, we’ll take a closer look at hardware tokens versus software tokens, and take a glimpse into the future of which token is likely to be the most widely adopted [...]

By |June 5th, 2018|Categories: Articles|Tags: , |
  • Tokens Hard, Soft And What’s In Between - Secret Double Octopus

Tokens – Hard, Soft And What’s In Between

Proving your identity in order to authenticate yourself and gain access to some kind of system, is more of a challenge than most people realize. This process has to be designed so that on one hand it’s as easy as possible for the user of the system to gain access, while on the other it’s as difficult as possible for someone [...]

  • Certification as single point of failure - secret double octopus

Circumventing The Single Point of Failure – Goals in Authentication

Securing our online communications has always been an ongoing task, one that has to stay in-synch with our ever-expanding communication technology. For years, the basis of this security has been Secure Sockets Layer (SSL) cryptography, now in its more updated version of Transport Layer Security (TLS). These protocols work by generating keys for every connection made between parties (say, your internet [...]

  • No KNOWLEDGE proof - Secret Double Octopus

Zero Knowledge Proof – What Peggy Knows About Victor

Zero knowledge proof authentication is the basis of modern-age authentication. It allows for the highest level of security, by ensuring passwords, transactions and conversations don’t get compromised when transferred over an unsecured connection. In this article we will look at zero knowledge proof to understand the need for it, how it works, and where it’s being utilized to verify parties today. [...]

  • What is Zero Trust authentication secret double octopus

What is Zero Trust Authentication?

“Zero Trust” is a concept that can revolutionize the way people interact with networks, and each other. At its core, it’s a different approach to network security, but its practical implications are far-reaching. In this article, we dive into Zero Trust Authentication, as well as clarify and understand the basics of the approach and the practical ramifications of it.   The [...]

  • Active directory and LDAP - Secret double octopus

LDAP, Active Directory and Federated Identity: What You Need to Know

Managing identities across an enterprise is one of the bigger challenges facing the world of digital security. In a company where large numbers of users access multiple applications in a diverse work environment, managers need reliable tools that allow smooth access for workers, while maintaining strong authentication standards.   Making Some Order When looking at the most common tools used in [...]

By |May 14th, 2018|Categories: Articles|Tags: , |
  • PCIs-new-regulations-Secret-Double-Octopus

Tackling the PCI’s New Authentication Regulations

The latest standards governing the world of digital payments have come into effect. On 1 February 2018, the new Data Security Standards of the Payment Card Industry’s (PCI) Council, or PCI DSS, came into effect. These new standards upgraded many protocols that used to be merely “best practices”, to full requirements. The updated PCI DSS is a significant shift from earlier [...]