Beyond Identity announced integrations with additional single sign-on (SSO) solutions from CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware to accelerate enterprise and higher education adoption of completely passwordless MFA. These new integrations – which come on the heels of Beyond Identity announcing $100 million in Series C funding – further expand the industry’s most extensive ecosystem of identity and SSO providers committed to the advancement of passwordless MFA.
Passwords remain the most vulnerable link in the authentication chain and are involved in 80% of data breaches. Passwords are a compromised authentication method and an initial attack vector for ransomware and account takeover attacks. Adversaries employ phishing techniques to steal credentials or simply purchase previously stolen passwords to gain access. Recent high-profile security breaches, such as TransUnion South Africa, further underscore the fact that passwords are the root cause of cyberattacks.
The prevailing assumption is that MFA will protect organizations from password-based attacks. Unfortunately, attackers are easily bypassing existing MFA solutions at scale. To shore up the federal government’s cybersecurity defenses and deliver on President Biden’s Executive Order on Cybersecurity, the Office of Management and Budget (OMB) recently released a Zero Trust Architecture Strategy that requires agencies to stop using easily phishable MFA, including push notifications, one-time passwords over SMS, and voice-based systems. “Strong authentication” is a foundational component of any zero trust strategy, and the U.S. government now requires “passwordless MFA.”
“Beyond Identity’s approach aligns with the OMB’s recent guidance: passwordless MFA with no phishable factors,” said Kurt Johnson, Vice President of Strategy and Business Development at Beyond Identity. “We are thrilled to welcome cybersecurity leaders CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware into our technology ecosystem. We look forward to bringing secure and frictionless MFA to these important solutions with our Secure Work product that transforms the user experience while significantly bolstering defenses.”
Secure Work, one of three products built on Beyond Identity’s cloud-native platform, safeguards an organization’s SaaS apps, cloud resources, and critical data by eliminating passwords and restricting access to authorized and secure devices. It empowers zero trust by cryptographically binding a user’s identity to their devices with proven public/private key technology. The solution ensures every device has the correct security settings and required security software running at the time of login – before granting access. Beyond Identity’s advanced authenticator collects dozens of device security posture checks at the time of login. These granular security attributes can then be used to enforce security policies and stop risky users and devices from authenticating, protecting all critical resources.
Secure Work is designed for rapid deployment and low ongoing maintenance. Supplementing its prior SSO integrations with Auth0, ForgeRock, Microsoft ADFS and Microsoft Azure AD, Okta, and Ping Identity, Secure Work now integrates with:
CyberArk Workforce Identity Single Sign-On – CyberArk streamlines operations and gives one-click secure access to all enterprise apps and resources – across cloud and hybrid environments – from any location, using any device. Beyond Identity is certified by CyberArk and now listed on the CyberArk Marketplace.
Google Workspace – Google offers support for more than 15 popular SaaS providers, delivering secure SSO access to an extensive set of cloud and custom-built apps on desktops and mobile devices, including Google Workspace. Beyond Identity is now listed in the Google Cloud Partner Directory.
OneLogin Identity and Access Management Platform – OneLogin’s identity and access management platform provides policy-driven, context-aware access management and identity lifecycle management to ensure only authorized users are granted access to sensitive data. Beyond Identity is now a validated solution with a pre-built authentication and provisioning connector in the OneLogin Application Catalog.
Shibboleth Identity Provider – Shibboleth is an open-source project with a strong community of global users, including some of the most renowned higher education institutions. Beyond Identity integrates with Shibboleth’s flagship Identity Provider SSO solution, which scales rapidly, is easily customizable, and provides workforces with a personalized user experience.
VMware Workspace ONE Access – VMware delivers faster, more secure access to SaaS, web, and native mobile apps with MFA, conditional access, and SSO. Complementing its VMware Workspace ONE UEM interoperability, Beyond Identity is now listed on the VMware Marketplace and is interoperable with VMware Workspace ONE Access to provide secure, frictionless authentication by eradicating passwords and leveraging X.509 certificates without any certificate management. Administrators can assess the presence and current state of VMware Workspace ONE UEM on devices at login and continuously thereafter and deny access to devices not in compliance with policy. This device security posture data can be combined with 70+ device signals to create fine-grained authentication policy across all major SSOs.