As a security company that secures the most critical workflows for large organizations, we must hold a high security bar for our infrastructure. In this blog we share the Azure best practices we follow.
As more organizations move to cloud-based solutions, the importance of secure and compliant authentication methods has become increasingly critical. While passwordless authentication methods are the pinnacle of security, they have a reputation of being incredibly tedious to set up. Learn how EZSmartCard can help you improve security while removing onboarding friction with FIDO2, Azure CBA, and Passwordless Phone Authentication.
While Remote Desktop Protocol (RDP) is a convenient and efficient way to access remote systems, if it is not properly administered, it can be vulnerable to some attacks such as Man-In-The-Middle attacks caused by using the Trust on First Use (TOFU) model. In this blog post, we will discuss why RDP TOFU is a bad security model and why organizations should use SSL certificates instead.
EZCA enables Azure customers to have a secure and compliant Certificate Authority in Azure that connects to Intune allowing customers to issue device certificates without the need to run an on-premises ADCS Certificate Authority.
Now that organizations are securing their infrastructure by following Zero trust best practices, attackers are moving left in the pipeline and attacking GitHub. Earlier this month, Okta said that its private GitHub repositories were hacked. When the leaders in authentication and Identity Access Management (IAM) are hacked, it’s time to start taking things much more seriously.
With the move to passwordless and App based MFA, It is understandable that your staff might have concerns about installing the Microsoft Authenticator App, In this blog we will walk you through how to deal with this and secure your organization with strong MFA.
With the move to the cloud, the days of manually managing SSL certificates are gone. Now, Most organizations are moving to the ACME protocol. An easy to use protocol that automatically renews your SSL certificates preventing costly outages while freeing your engineers time to focus on other critical tasks.
As with many security tools, the origin of certificate transparency logs can be traced back to a cyberattack. The attack that can be credited with the creation of CT Logs is the 2011 DigiNotar attack. Now, Certificate Transparency logs enable organizations to have full visibility to all certificates issued for their domains.
With the exponential growth of online services, it has become impossible to manually rotate application certificates. Learn how you can automate your AAD Application certificate rotation with the new automatic Azure AD certificate rotation from EZCA.
SSH has become the weakest point in cloud security and hackers have noticed. Over the past few years we have seen an exponential increase of cyber attacks targeted to SSH. Organizations adopting zero-trust architecture must take a hard look at their existing identity management for SSH.