Join executives from July 26-28 for Transform’s AI & Edge Week. Hear from top leaders discuss topics surrounding AL/ML technology, conversational AI, IVA, NLP, Edge, and more. Reserve your free pass now!
Enterprise security continues to journey toward a new future defined by passwordless and biometric technology.
Working alongside the FIDO alliance, industry giants like Apple, Microsoft, and Google are all experimenting with passwordless authentication solutions to phase out the use of passwords and to provide users with protection against credential-based attacks, social engineering attempts, and phishing scams.
As part of this trend, open-source identity-based Infrastructure Access Management (IAM) provider Teleport, announced the launch of Teleport 10, the latest version of Teleport Access Plane.
The new solution will offer enterprise users passwordless access to key resources including servers, databases, Kubernetes clusters, and internal web apps without the need for usernames, passwords, private keys, or other exploitable secrets.
Instead, users will be able to use biometric tools like TouchID, Windows Hello and Yubikey BIO so they won’t have to worry about the theft of passwords or login credentials.
Moving beyond the limits of password-based security
Teleport 10’s launch comes shortly after the organization announced it had achieved a valuation of $1.1 billion following a $110 million Series C funding round.
The new release is the latest example of technology providers attempting to phase out password-based authentication to stop credential-based attacks that have wreaked havoc over the past few years.
When considering that there are over 15 billion passwords exposed on the dark web, it is that password-based security has failed to protect users from malicious threat actors.
“Because passwords, usernames, private keys and even browser cookies can be copied lost or stolen, collectively they are the number one cause of data breaches. According to the Verizon Business 2022 Data Breach Investigations Report, the most common causes of data breaches can be traced to either human error or malcontent,” said Teleport CEO and Co-Founder, Ev Kontsevoy.
“Once bad actors gain access to an organization’s infrastructure through static credentials, they can then pivot within the system and access as much sensitive information as possible,” Konsevoy said.
Kontsevoy says that Teleport 10 aims to address this routine exploitation by authenticating users with biometric identity-based access management.
Using non-electronic physical attributes of employees to login is more secure because this information can’t be stolen, lost or shared in the same way.
As of today, Teleport 10 is now “the first ” Unified Access Plane based on the FIDO alliance’s WebAuthn standard and illustrates a trend toward biometric infrastructure access management.
A brief look at passwordless authentication and privilege access management
With the writing on the wall for password-based security, it is unsurprising that the global passwordless authentication market is growing rapidly, with researchers valuing the market at $12.79 billion in 2021 and anticipating it will reach a value of $53.64 billion by 2030.
While Teleport’s new solution technically falls within this market, as an identity and access management provider, the organization is not only competing against DIY access solutions and VPNs, it’s also competing against Privileged Access Management (PAM) solutions like CyberArk.
CyberArk’s Privileged Access Manager provides enterprises with a solution to store privileged identities in a secure repository, and to authenticate users via a single web portal.
Earlier this year, CyberArk announced it raised $502.9 million in revenue last year, and also announced the launch of a new venture capital fund, CyberArk Ventures with $30 million to drive investment in wider cybersecurity startups.
Another competitor and 2022 Gartner Magic Quadrant leader in the PAM market is Delinea, which offers a solution called Secret Server designed to discover privileged accounts.
Secret Server enables users to store privileged credentials in an encrypted vault, while offering provisioning and deprovisioning to help rotate credentials safely and efficiently. Delinea recently announced raising $200 million in annual recurring revenue last year.
However, Kontsevoy argues that Teleport’s lack of reliance on passwords, and use of biometrics is what distinguishes the provider from other competitors.
“Teleport is the only identity-based infrastructure access solution on the market. Most access solutions rely on secrets like keys and passwords to grant access. But secrets are not identity, and can be stolen,” Kontsevoy said.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.
Source: Read Full Article