Story image

Duo adds next-gen 'human' MFA identity access management offering to lineup

19 Oct 16

Duo is hoping to help resellers break ‘the circle of compromise’ after signing an exclusive distribution deal for NoPassword across Australia and New Zealand.

NoPassword, from Silicon Valley start-up WiActs, is an multi-factor authentication identity access management offering which removes passwords from the equation, instead using biometrics and other ‘frictionless hidden features’.

WiActs dubs NoPassword ‘a human multi-factor authentication solution’. The use of geo-fencing is a key differentiator for the product, with users able to set access policies down to a specific building.

Kendra Ross, Duo director and co-founder, says NoPasswords, which can be put into an MSSP offering, provides resellers with the chance to add a next-generation multi-factor and identity access solution to their solution set, with a low cost of entry and solid margins.

“It fills a gap in the market, the revenue streams look good and it sits comfortably alongside other security offerings and also mobile device management offerings and a number of other technology stacks they might have,” Ross says.

“They’re complementary to them and offer another bolt on to their solution which is very simple and easy to get up and running so there’s a low cost of entry for them into the market.”

She says ‘very good’ margins are available for NoPassword.

“It is a consumption based solution so it is an opportunity to build out an annuity model off the base of this.”

Ross says the offering creates public private key encryption and uses hidden information and device information a ‘secret’ password, or exchange, between the public and private key.

Users can chose which human aspects, such as facial recognition and biometrics, are used.

A 2015 Verizon Cyber Security Report showed 85% of data breaches are caused by stolen credentials.

“What we’ve seen is that the number of breaches happening has resulted because everybody is being told to use more complex passwords.

“But because they’re using more complex passwords, it becomes harder to remember them and the default standard these days seems to be one or two passwords across multiple applications.”

She cites the example of the Dropbox breach, a Dropbox employee’s reuse of the same password lead to more than 60 million passwords and user names being breached.

The employee’s LinkedIn account was breached and the password reused to access Dropbox’s corporate network – and the user credentials.

“It’s a cascading effect across all of these breaches,” Ross says. “The stock standard response from an enterprise will be make your password more complex, but that is just basically creating a circle of compromise.

“We need to approach this in a different way.”

While password managers were created to help the issue, they too require a master password.

“We’re trying to do away with that as a form of authentication.

“What we’re trying to do is make it simple for the user and less complex,” Ross says.

“By directly addresssing the reasons behind cyber-attacks, NoPassword significantly improves cyber-security through eliminating the risk of stolen credentials, phishing and social engineering,” WiActs says.

Ross says the offering is ‘a huge opportunity’.

“I don’t think this has been done easily, well or at a level that is affordable for most people. There are some very complex – and very good – identity management solutions out there, but they are extremely expensive and quite cumbersome.

“This makes it quite simple and the simpler it is the more users will sign on for it.”

The product is expected to appeal to the SMB market initially, with enterprises already well served. However, Ross says over time, she expects NoPassword to gain a foothold in enterprises as well.

HPE promotes 'circular economy' for end-of-use tech
HPE is planning to show businesses worldwide that throwing old tech and assets into landfill is not the best option when it comes to end-of-use disposal.
InternetNZ welcomes Govt's 99.8% broadband coverage plan
The additional coverage will roll out over the next four years as part of the Rural Broadband Initiative phase two/Mobile Black Spots Fund (RBI2/MBSF) programme expansion.
Dr Ryan Ko steps down as head of Cybersecurity Researchers of Waikato
Dr Ko is off to Australia to become the University of Queensland’s UQ Cyber Security chair and director.
Radware joins Chillisoft’s expanding portfolio
The cloud DDoS prevention, app delivery controller, and web app firewall expert is another step toward a total enterprise security portfolio.
Commerce Commission report shows fibre is hot on the heels of copper
The report shows that as of 30 September 2018 there were 668,850 households and businesses connected to fibre, an increase of 45% from 2017.
Wearables market flourishing - fuelled by smartwatches
A market that has stuttered in the past now has a bright forecast as adoption of wearable technology continues to thrive.
The tech that helped the first woman to sail around Australia
Lisa Blair used devices from supplied by Pivotel to aid her in becoming the first woman to circumnavigate Australia non-stop.
Why there will be a battle for the cloud in 2019
Cloud providers such as AWS, Azure, and Google will likely find themselves in a mad scramble to gain additional enterprise customers.