Name: Combining the Old and the New: Best Practices for FIDO2 and PIV for Zero Trust
Start: 2022-09-22T16:00:00Z
End: 2022-09-22T16:00:44.000Z
Location: BrightTALK
Rating: 4.8

Axiad Cloud is an integrated and agile platform to manage the various set of credentials you need to protect your organization. It utilizes multi-factor authentication and PKI, Axiad Cloud goes beyond traditional MFA to protect your most sensitive data and help safeguard your network. You can achieve comprehensive identity security without unnecessary complexity or stretching resources.

To maintain resilience against modern cyber-attacks, modern enterprises need to support a wide range of authentication credentials: from X.509-based certificates to FIDO passkeys, from LDAP to OAuth, and from Kerberos to hardware-hosted tokens. Managing the lifecycles of these disparate credentials, from issuance to revocation or renewal, is no easy task. Some (like FIDO) were designed for individual user authentication, and some (like LDAP) were developed for large-scale IT admin automation. Unifying these different approaches in an advanced but simple credential management system is the path to resilient, enterprise-class authentication.   

Microsoft’s Entra ID is an industry-leading identity and access management solution that provides authentication and authorization services across a broad swath of products uses. Axiad is a leader in credential management for complex government and private sector use cases. In this webinar, these two teams will join forces to show how new Entra ID APIs for centralized passkey creation and management can be leveraged through advanced credential management solutions.

Attendees to this session will learn how Microsoft’s new Entra ID FIDO2 provisioning APIs can be harnessed by the Axiad Cloud credential management solution to deliver FIDO2 passkeys in the ways enterprises need them: in phishing-resistant forms; on behalf of IAM administrators; and in a unified, single-workflow system that works with other credential types.   
 
Key topics include:
• How Entra ID’s new FIDO2 APIs help manage passkeys so they can be pre-provisioned for users and create a simpler experience on first-time usage.  
• How to enable credential-agnostic authentication processes that are simple and scalable.  
• Best practices for integrating these two technologies into existing IT infrastructures.

This webinar is essential for IT security professionals, federal agency representatives, and anyone involved in designing or managing credentialing processes.

Simplifying Credential Management: FIDO2 + Entra ID + Axiad

Join us for an informative webinar on the latest advancements in secure identity management
for federal agencies. This session will delve into the processes and benefits of issuing PIV-
Compatible and derived credentials using Axiad Cloud, a FedRAMP solution, in conjunction with
YubiKeys. Attendees will gain a comprehensive understanding of how they can streamline the
credentialing process and ensure compliance with federal standards while enhancing security
and efficiency.
 
Key topics include:
- An overview of PIV-Compatible and derived credentials and their significance in federal identity management.
- Step-by-step guidance on leveraging Axiad Cloud for seamless credential issuance and lifecycle management.
- The role of Yubico authenticators to enhance security and provide phishing-resistant multi-factor authentication.
- Best practices for integrating these technologies into existing federal IT infrastructures.

This webinar is essential for IT security professionals, federal agency representatives, and
anyone involved in government credentialing processes. Join us to learn how to fortify your
security posture with cutting-edge solutions from Axiad and Yubico.

Confidentiality and Data Processing:
The information you provide in this form will be held in confidence by Yubico, Inc. and its Affiliates. Any personal information submitted in this form will be used by Yubico, Inc. and its Affiliates, for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with Yubico, Inc.

Enhancing Federal Security: Issuing PIV-Compatible Credentials

With the implementation of increasingly sophisticated cybersecurity technology, hackers have turned to social engineering to steal companies’ valuable data. The last couple of years have seen explosive growth in phishing attacks, many involving impersonation of employees. This makes authentic identities a cornerstone of any corporate cyber security posture. Carmax has implemented an identity and access management solution by partners Axiad and IDEMIA that uses IDEMIA’s PIV-based smart cards as a combined physical and digital access token, with certificate-based authentication (CBA) and identity and access management (IAM) system from Axiad. This talk discusses how this has been implemented by Carmax and how this passwordless, token-based solution can serve as an effective means for protecting sensitive corporate data.

Carmax: Combating Phishing with Integrated Physical and Digital Security

During this second webinar in our FIDO series, we focus on FIDO Passkeys. We break down the complexity of Passkeys and provide a holistic view of their role in authentication.

FIDO 101 E2: Demystifying Passkeys & Understanding Their Role in Authentication

Certificate-based authentication (CBA) has been a staple of governments and high security environments for decades, and remains a favorite amongst security experts due to its reliability and effectiveness in physical environments. However, when it comes to CBA on mobile, users have had little patience with its vendor requirements and cumbersome phone adapters. Now with Axiad and Yubico, there’s a new way to bring more security—and less friction—to mobile devices. 

Join Axiad and Yubico on March 30th to learn how your organization can achieve phishing-resistant authentication with CBA on mobile. We’ll discuss: 
• Phishing-resistant MFA trends and requirements
• FIDO and CBA, the only two technologies that deliver phishing-resistant authentication
• Why tech giants like Microsoft are investing in CBA with Microsoft Azure AD CBA
• How to deploy a YubiKey for authentication with a certificate provisioned and managed by Axiad Cloud

A New Way with CBA: Bringing Phishing-resistant Authentication to Mobile

FIDO is an acronym for “Fast Identity Online,” and the FIDO Alliance is a non-profit group whose mission is to develop authentication standards to help reduce the world’s over-reliance on passwords. With some of the largest companies and governments in the world having voted to standardize FIDO’s protocols, questions are naturally emerging on how (and when) to best leverage them.  

Join us on February 9 for a crash course on FIDO—what it is, how it could benefit you, and how to maximize your investment in it. In this 30-minute webinar, we’ll discuss:

• the history of FIDO and an overview of its key terms
• the fundamentals of authentication and multi-factor authentication (MFA), and their overlap with FIDO 
• top use cases for applying FIDO, and best practices for implementation
• potential misconceptions and downfalls, and when alternatives may be a better path forward

Read more: https://www.axiad.com/blog/guide-to-fido-and-fido-2-passwordless

FIDO 101 E1: Understanding FIDO and What It Can Do for You

The Peel Regional Police (PRP) team is the third largest municipal police service in Canada with 2,100 uniformed members and close to 875 support staff. Composed of five major divisions supported by community police stations, the team is responsible for a broad range of policing duties from airport security and traffic to community-related services and improving community safety and well-being. With such a broad range of environments and systems, the stakes are high when it comes to authentication. 
 
Join the Peel Regional Police and Axiad on December 8th to learn:
- The authentication challenges they face—and how yours might compare
- The tipping point that meant they needed to transition
- Their selection criteria and best practices for finding a new approach
- Why they selected Axiad as their vendor of choice 
- The challenges they foresee for the future

How the Peel Regional Police Found the Right Authentication Solution for Them

The Azure Active Directory CBA feature brings certificate-based, phishing-resistant authentication to the cloud. But how do you manage certificates for this new feature without the headaches of managing PKI? During this webinar, Axiad and Microsoft will show you how easy it can be to bring certificate-backed strong authentication to the cloud by using a completely cloud-native approach, and we’ll discuss how organizations can move from on-prem applications (i.e. AD FS) to Azure AD with help from Axiad Cloud.

Phishing-resistant Authentication in the Cloud with Azure AD and Axiad Cloud

With 84% of organizations having experienced an identity-related breach in the last year, investments in identity security are at an all-time high. On top of that, many are moving away from legacy approaches to authentication and toward a passwordless future.  

For organizations that have a heterogeneous IT ecosystem and varying internal requirements, the path to passwordless isn’t always clear. Due to this underlying complexity, security executives are often forced to take a fragmented approach to authentication, which can create significant user and administrative friction, high costs, and most importantly—gaps and inconsistencies that can be exploited by bad actors.

Join this 30-minute webinar with Axiad on July 21 to learn more about:
• How you can shift from a fragmented to a holistic approach to authentication
• Best practices for building an integrated authentication solution in your organization
• What to look for in order to remove friction without compromising on security
• How you can take a step-by-step approach to enterprise-wide passwordless orchestration

Holistic Authentication: Closing the Gaps in Your Passwordless Strategy

Over the past year, complex cyberattacks have skyrocketed—and it is no surprise that the U.S. defense industrial base and government contractors are primary targets. In this context, following the DoD Cybersecurity Maturity Model Certification (CMMC) is now more important than ever. Typically seen as phishing and account takeovers targeting digital identities, these attacks result in data exposure, denial of service, erosion of data integrity, and risk to critical assets. 

What if the solution was not to make passwords stronger, but rather to remove them entirely?
 
Join Axiad and Atos on April 14th to learn why passwordless phishing-resistant Multi-factor Authentication is the most secure and practical defense. 

We’ll discuss:  
1) General challenges of implementing CMMC identification and authentication controls
2) Actions to validate your workforce and machine identities in compliance with CMMC
3) What to look for in a phishing-resistant Multi-factor Authentication solution

Securing Government Contractors under CMMC with Phishing-resistant MFA

Cloud Authentication solutions are no longer just a trend, but the norm for organizations looking to modernize their cybersecurity. The essential question is how do you select a cloud platform that you can trust as if it were your own?

Enter: the Virtual Private Cloud (VPC). A model where each organization can benefit from the flexibility and scalability of the cloud, without having to compromise on security or compliance. The VPC serves as an extension of your own infrastructure, which only you can access, removing the concerns inherent to a mutualized cloud platform shared amongst thousands of customers.

Join Axiad on April 1st to learn how a VPC can help you avoid costly data breaches, while still reducing your costs and complying with strict mandates and regulations.

We'll discuss:
1) Benefits of a Virtual Private Cloud vs. a shared infrastructure
2) Why a VPC doesn't have to be time-consuming or costly
3) Questions you should be asking your cloud authentication vendor

Cloud Authentication: Why having your own Virtual Private Cloud matters

Enterprises have realized passwords are not secure enough to protect their data and information. However, they are struggling to get their workforce to move to passwordless once and for all. These adoption issues are often caused by the difficulty for users to issue, manage, and renew the various identity credentials required for passwordless. In many cases employees become discouraged and find workarounds in their security system instead of utilizing their credentials so they can remain productive.
 
Join cybersecurity experts Jerome Becquart, COO, Axiad, and Holger Schulze, CEO and Founder, Cybersecurity Insiders, to discuss why users will be more likely to adhere to security best practices if they are empowered to manage and renew their credentials without your IT team’s help. Learn how to successfully reach passwordless by putting users front and center:
 
- The current challenge of moving your workforce to passwordless authentication
- How remote and hybrid work have heightened these issues
- The impact of employees finding workarounds in your passwordless system
- Why a user-centric approach is the only way to break up with passwords for good

How to Break Up With Your Passwords Through User Empowerment

Passwords are not secure enough to protect essential business data and information – many enterprises are transitioning to passwordless authentication instead. However, this requires multiple identity credentials to secure all use cases which can be tedious for users to deploy and manage. Unless passwordless solutions put the user front and center, your business could be put at risk of cyberthreats. 
 
- What makes users the weakest link in your ecosystem as security becomes a barrier and is seen as a nuisance
- Why do enterprises need to choose solutions that empower users, limit friction, and reduce the work for IT teams
-	How to bring users on board with the enterprise's mission to become passwordless
-	How users are usually an afterthought when a solution is chosen and how it should be an integral part of the process of which solution is picked to sustain passwordless

What it takes to achieve complete passwordless

In today’s digital world, businesses are searching for ways to eliminate passwords and implement strong passwordless authentication across their use cases. IT leaders are looking to multi-factor authentication for many of their privileged and non-privileged users, such as hardware token or smartcards.  However, many applications still require passwords and need to be maintained by your system administrator. A strong PAM solution can act as the keys to your kingdom to ensure secure oversight for your privileged users and their credentials.
What do you need to consider when removing passwords and replacing them with MFA solutions? And which controls will you need in place for use cases that still need passwords? Join this discussion on today’s passwordless landscape with cybersecurity experts from Axiad and WALLIX. You’ll learn more about:

- Why you need to eliminate passwords from your infrastructure to ensure digital trust
- Which solutions can secure controlled, password-based access to IT resources for authorized users
- How to gain higher assurance by combining PAM and multi-factor authentication
- Why managing identity solutions in siloes could be detrimental to your IT team and end-users

Journey to Passwordless: Cohesive Authentication for Your Privileged Accounts

In this Axiad fire side chat, we will discuss the underlying issues that leave organizations open to cyberattacks, the technologies available to protect their assets, and how to prepare for increased compliance in the future.

Cybersecurity for Critical Infrastructure

​With the recent push to adapt to remote and hybrid working environments, enterprises have been challenged to accelerate their digital transformation. The effect has been far-reaching – from new threats of phishing and credential theft to the pressure to securely authenticate the growing number of remote workers, machines and devices on their network. Enterprises need to address these concerns with automated, scalable solutions that allow them to secure every identity in their digital ecosystem. This webinar will discuss:  
- Why taking a holistic approach to enterprise-wide authentication is more important than ever
- How streamlining the approval of digital processes can keep business moving forward
- The importance of considering machine identity management
- How to reduce the impact of phishing threats

Today It’s Different: Why a Holistic Approach to Identity Is Critical

With many organizations supporting a hybrid/remote workforce, deploying authentication solutions to dispersed users can be challenging. Users often lose their credentials, let them expire, or don’t follow security policies – all of which are exacerbated when organizations implement more credentials to meet varying business needs.
 
Organizations are looking for better and more efficient ways to improve security, while encouraging users to adopt best practices and enhance productivity. Airlock, an Axiad Cloud feature, enables users to comply with company-assigned directives, such as issuing a new credential, updating a certificate, or taking the latest security training by shaping user behaviors. YubiEnterprise Services helps organizations procure and distribute Yubico’s phishing-resistant hardware security keys to remote and in-office workers. Attend the webinar to learn:
-How Axiad and Yubico empower organizations to adapt to the security demands of a hybrid/remote workforce
-Expert insights on driving teams to adopt security best practices and overcome the logistical challenges that come with it
-What Axiad and Yubico can do to help bridge legacy multi-factor authentication (MFA) to passwordless authentication

Confidentiality and Data Processing:
The information you provide in this form will be held in accordance with applicable privacy laws by Yubico, Inc. and Axiad, Inc. for their performance of this webinar, and as such, you agree to being contacted and receiving relevant marketing materials.

Your personal data is retained by Yubico and Axiad only as needed in accordance with their respective data retention practices. Please refer to Yubico’s and Axiad’s respective websites for more information about their privacy policies.

Shape user behavior to drive MFA best practices with Axiad Airlock and YubiKeys

Securing all your users and implementing a Zero Trust strategy isn’t easy. A strong authentication strategy is a critical starting point, and doing so with FIDO2 is a smart step forward. But what are some practices to deliver on enterprise-wide strong authentication? Can FIDO2 fit the bill, or do we need more tools in our authentication toolbox? How are FIDO2 and certificate-based authentication like PIV different?
 
Join Axiad and FIDO on September 22 to learn how your business can provide secure access without passwords. We’ll discuss:

- Why organizations around the globe are increasingly leveraging FIDO2
- How FIDO2 differs from PIV
- Strategic considerations and best practices for FIDO2 implementation
- Actions you can take to secure every person, machine, and digital interaction in your ecosystem

Combining the Old and the New: Best Practices for FIDO2 and PIV for Zero Trust

Cyber Security

Authentication

Password Management

Identity Management

Identity Services

Cyber Attacks

FIDO

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Get powerful help desk and support insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the help desk and support strategies that effect business value and growth.

Help Desk and Support

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Combining the Old and the New: Best Practices for FIDO2 and PIV for Zero Trust

Presented by

About this talk

More from this channel