Duo's Security Blog

MARCH 25, 2022

Problem: The Traditional VPN Is No Longer Enough Since the 1990s, virtual private networks (VPNs) have been well-suited for the purpose they were built for – to grant employees temporary access to corporate networks and resources when they weren't logging in from an office.

VPN 86

VPN Architecture Authentication Software 86

SC Magazine

MARCH 1, 2021

A recent report from Zscaler found that VPNs are still overwhelmingly popular: 93% of companies surveyed reported that they have used them in some capacity. VPNs are also relatively cheap compared to other popular forms of access.

VPN 128

VPN Technology Marketing Media 128

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. This article explores network security architecture components, goals, best practices, frameworks, implementation, and benefits as well as where you can learn more about network security architecture.

Architecture 112

Architecture Network Security Firewall Risk 112

Cisco Security

OCTOBER 15, 2021

” For some environments, this can unfold as easily as a compromised username and password being used to infiltrate a virtual private network (VPN) to access network resources. Proactively assess and address security risks and identify required risk mitigation via a secure development lifecycle approach.

Ransomware 121

Ransomware Architecture Engineering Threat Detection 121

Duo's Security Blog

NOVEMBER 18, 2021

Additionally, the rapid shift to work from home resulted in thousands of RDP users and RDP-enabled machines connecting from outside the traditional network perimeter, thereby increasing the risk of cyber threats and data exposure. End users do not have to launch a VPN client as the traditional extra step when gating access to RDP hosts.

VPN 54

VPN Authentication Architecture Internet 54

eSecurity Planet

AUGUST 22, 2023

The technologies for secure remote access can range from VPNs and multi-factor authentication to more advanced access and zero trust controls. Strong passwords, two-factor authentication, firewalls, encryption, and monitoring systems are just a few of the tools and procedures used to maintain security.

Passwords 84

Passwords Authentication Encryption VPN 84

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. to gain access to ICS VPN appliances. to gain access to ICS VPN appliances.

VPN 64

VPN Risk Architecture Firewall 64

Duo's Security Blog

MARCH 30, 2023

A few specific reasons to move to the Duo Universal Prompt The Universal Prompt is Duo's latest authentication interface that enables easier, and more secure authentication for users. Improved User Experience – The Universal Prompt is a major redesign with new styling and a workflow-based authentication experience.

Authentication 53

Authentication Software Risk VPN 53

SC Magazine

MAY 7, 2021

Zero Trust requires that all users are authenticated, authorized, and continuously assessed for risk to access corporate applications and data. Legacy VPN, and related technologies, aren’t just slow, they’re characteristic of technologies that rely on implicit trust. Cerillium CreativeCommons CC BY 2.0.

VPN 64

VPN Technology Mobile Surveillance 64

Duo's Security Blog

APRIL 20, 2023

Totaling up to billions of Australian Dollars at risk each year from hackers and various online scams, it's crucial that organisations (and individuals!) With Duo, the University team stood up integrations within days instead of the predicted weeks or months , protecting their apps and VPN.

Phishing 67

Phishing Social Engineering Authentication Engineering 67

NopSec

APRIL 3, 2024

The application behavior varies depending on the authentication status of the attacker. An unauthenticated user can only read the first three (3) lines of a file, however authenticated users can read the entire file system. Fortinet FortiGate SSL VPN RCE CVE-2024-21762 I think SSL VPN RCE may be my favorite combination of acronyms.

VPN 45

VPN Authentication Architecture Software 45

Security Boulevard

AUGUST 16, 2022

Risk-based authentication (RBA) is quickly growing in popularity amongst identity and access management solutions. The reason is simple: it allows for improved customer experience by reducing friction in authentication journeys while maintaining appropriate security levels. The classic outcomes of risk in authentication.

Authentication 52

Authentication Risk Engineering VPN 52

SC Magazine

MARCH 1, 2021

A recent report from Zscaler found that VPNs are still overwhelmingly popular: 93 percent of companies surveyed reported that they have used them in some capacity. Access to VPNs is also relatively cheap compared to other popular forms of access.

VPN 52

VPN Technology Marketing Media 52

The Last Watchdog

MAY 14, 2021

Early SD-WAN solutions “were built only to replace an MPLS-VPN with an Internet-based VPN,” Ahuja says. All of these tools became extremely necessary to ensure that you could authenticate the user before allowing them access to the right resources in the network,” Ahuja says.

Firewall 138

Firewall Mobile VPN Digital transformation 138

eSecurity Planet

MARCH 14, 2021

Impluse SafeConnect offers automatic device discovery and can support anywhere from 250 to 25,000 endpoints and up with its scalable appliance architecture. It offers a rule-based architecture to automate access based on use cases. CyberGatekeeper also offers a VPN and intrusion detection system. Top NAC solutions.

Education 104

Education Authentication Healthcare Engineering 104

SecureWorld News

FEBRUARY 9, 2024

People, process & technology framework A successful IAM program requires all three dimensions—people, process, and technology—working in concert to enhance the user experience, fuel efficiency gains, and minimize enterprise risk. Technology: Technology is the foundation for an IAM program delivery within a layered security architecture.

IoT 91

IoT VPN Architecture Risk 91

SC Magazine

MAY 18, 2021

Such efforts involved encryption, two-factor authentication, secure network access and cloud-based networking. And while the court system’s VPN could ostensibly accommodate a safe of 2,500 staffers, McCarthy said its true capacity may actually have been as little as 500. Click here for more coverage of the 2021 RSA Conference.

VPN 52

VPN Encryption Authentication CISO 52

Malwarebytes

MAY 23, 2023

The #StopRansomware guide is set up as a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover from them, including step-by-step approaches to address potential attacks. Anomalous VPN device logins or other suspicious logins.

Ransomware 60

Ransomware Backups Social Engineering Accountability 60

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon.

VPN 141

VPN Government Authentication Advertising 141

Cytelligence

JULY 30, 2020

In almost all cases , some form of RDP/RDG or VPN was utilized to allow access to corporate resources. However, Cytelligence found that in many cases security best practices were either only partially implemented or entirely overlooked , resulting in failures. . Implement MFA on VPN solutions. . Is RDG the solution? .

VPN 40

VPN Technology Architecture Internet 40

eSecurity Planet

FEBRUARY 23, 2024

Example of Azure gateway’s authentication information upon combining app proxy and app gateway 4. Enhanced Security ALGs boost network security by implementing strong user authentication and authorization processes. This approach protects sensitive information while reducing the risk of security breaches or unauthorized access.

Firewall 96

Firewall VPN Network Security Architecture 96

Duo's Security Blog

DECEMBER 12, 2023

As organizations migrate their workloads to cloud infrastructure platforms, new security risks can emerge. Certain risks may expose critical infrastructure to cyberattacks, enabling malicious actors to gain unauthorized access to critical business information and potentially causing large-scale data breaches.

Data breaches 79

Data breaches Authentication Passwords Risk 79

eSecurity Planet

MARCH 14, 2023

In this simple environment network security followed a simple protocol: Authenticate the user : using a computer login (username + password) Check the user’s permissions: using Active Directory or a similar Lightweight Directory Access Protocol (LDAP) Enable communication with authorized network resources (servers, printers, etc.)

Network Security 92

Network Security Firewall Penetration Testing Encryption 92

eSecurity Planet

MARCH 22, 2023

Virtual Private Network (VPN) : For remote access, remote desktop protocol (RDP) no longer can be considered safe. Instead, organizations should use a virtual private network (VPN) solution. Better network security access controls can improve security and decrease cost and risk.

Firewall 104

Firewall Network Security Penetration Testing Encryption 104

Cisco Security

OCTOBER 20, 2022

Couple that with hybrid work , IoT, the move to the cloud, and more emboldened attackers, and organizational risk increases exponentially. Adopting a zero trust model can dramatically reduce this risk by eliminating implicit trust. This way, they can put in place multi-factor authentication (MFA) that frustrates attackers, not users.

Authentication 110

Authentication Architecture Technology VPN 110

eSecurity Planet

DECEMBER 8, 2023

DNS communicates in plain text and, without modification, DNS assumes that all information it receives is accurate, authentic, and authoritative. To protect the protocol, best practices will add additional protocols to the process that encrypt the DNS communication and authenticate the results.

DNS 110

DNS DDOS Firewall Architecture 110

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. Encryption protocols can also verify the authenticity of sources and prevent a sender from denying they were the origin of a transmission.

Encryption 109

Encryption Passwords IoT Firewall 109

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Enterprises secured applications and digital assets through Single Sign On (SSO), Virtual Private Networks (VPN) or Web Access Management (WAM). But this architecture was designed for only a small number of employees to work outside of company headquarters — with limited access to applications beyond the on-premises network perimeter.

VPN 87

VPN Authentication Data breaches Architecture 87

Cisco Security

MAY 14, 2021

Josephina Fernandez, Director of Security Architecture & Research at Cisco. As a result, we are more flexible and agile than ever—but changes in how we access corporate applications have introduced a lot of complexity and risk. It is frictionless – meaning no VPN. Providing secure application access without a VPN.

VPN 85

VPN Architecture Authentication Passwords 85

Duo's Security Blog

AUGUST 3, 2023

Access management solutions, including single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM), can offer a comprehensive defense against threats. There should not be a need to rip and replace any existing security architecture, and thorough documentation should be provided.

Authentication 88

Authentication Risk Passwords Insurance 88

eSecurity Planet

MARCH 17, 2023

From there, these tools send alerts to security teams if and when risks are identified. With a VPN, users can securely access their enterprise network from various locations and devices; VPNs encrypt the private network’s data via various tunneling protocols to decrease the chances of a third-party attack on the public network.

Network Security 119

Network Security Penetration Testing Firewall Antivirus 119

Thales Cloud Protection & Licensing

MARCH 31, 2021

Trust is now a risk. There are two major considerations for us: enhanced authentication security, and user workflow efficiency. “In In the case of user efficiency, now with a full remote workflow for user authentication, all devices are authenticating over an enterprise VPN client.

Digital transformation 77

Digital transformation VPN Technology Architecture 77

Cisco Security

AUGUST 26, 2021

Only by integrating these tools into your larger security reporting and analytics infrastructure, and by leveraging actionable responses, can one reduce the threat risk to an organization. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall.

Technology 113

Technology Firewall VPN Authentication 113

Thales Cloud Protection & Licensing

APRIL 20, 2021

Verizon uncovered additional risks in employees’ use of home Wi-Fi networks and VPNs. Meanwhile, Verizon found in its MSI 2021 that less than half (47%) of respondents with a VPN installed on their devices activated it. These are foundational principles to design next generation security architectures.

Mobile 71

Mobile Architecture Data breaches Authentication 71

eSecurity Planet

SEPTEMBER 23, 2022

The document lists concrete measures to reduce the risk: Generate architecture and design documents. The guide invites technical teams to apply the following mitigations: Implement a well-balanced authenticated source code check-in process, such as good practices with GIT repositories and multi-factor authentication (MFA).

Software 139

Software Authentication VPN Architecture 139

eSecurity Planet

MAY 11, 2022

While replacing VPN access with zero trust has been a start, the network security vendor thinks that’s just the beginning, and it’s offering up its new Prisma Access product as a model. Even though the zero trust strategy has been a step up from existing VPN applications, ZTNA 1.0

VPN 111

VPN Data breaches Architecture Marketing 111

SecureWorld News

APRIL 30, 2023

DCAP systems can: Analyze access rights and identify excessive levels of user access Classify documents and separate those with sensitive information Evaluate employee behavior to identify any anomalies Offer tools for visualizing current risks Offer a ready-made risk reduction methodology DCAP systems operate inside the security perimeter.

Technology 79

Technology Unstructured Data Data breaches Information Security 79