Zero Trust Authentication is designed to negate the shortcomings of traditional authentication methods with features including passwordless capability and phishing resistance. Credit: Olivier Le Moal / Shutterstock Multifactor authentication (MFA) provider Beyond Identity has announced the launch of Zero Trust Authentication — a sub-category of zero trust security that the firm says aligns verification with zero-trust principles. Zero Trust Authentication has several key features including passwordless capability and phishing resistance that allow businesses to verify the identities of people and devices with zero-trust-level certainty, according to Beyond Identity. Without such enhanced verification capacities, organizations cannot truly implement zero trust security, it said.Palo Alto Networks, CrowdStrike, Optiv, Ping Identity, the Cloud Security Alliance, and the FIDO (Fast Identity Online) Alliance are among the organizations supporting Zero Trust Authentication, which has been designed to negate the shortcomings of traditional authentication methods. Beyond Identity said it will be bringing practical Zero Trust Authentication advice to customers and channel partners via international and local events across 2023, while its category-defining book, Zero Trust Authentication, details the specific capabilities, requirements, policies, and best practices.Authentication remains one of the more painstaking issues faced by CISOs with effective identification and authorization of users/devices often impacted by challenges spanning interoperability, usability, technical limitations, and vulnerabilities.7 requirements of Zero Trust AuthenticationBeyond Identity lists seven requirements for Zero Trust Authentication that differentiate it from traditional authentication. These are: Passwordless: No use of passwords or other shared secrets which can easily be obtained from users, captured on networks, or hacked from databases.Phishing resistant: No opportunity to obtain codes, magic links, or other authentication factors through phishing, adversary-in-the-middle, or other attacks.Capable of validating user devices: Able to ensure that requesting devices are bound to a user and authorized to access information assets and applications.Capable of assessing device security posture: Able to determine whether devices comply with security policies by checking that appropriate security settings are enabled, and security software is actively running.Capable of analyzing many types of risk signals: Able to ingest and analyze data from endpoints and security and IT management tools allowing policy engines to assess risks based on factors such as user behavior, the security posture of devices, and the status of detection and response tools.Continuous risk assessment: Able to evaluate risk throughout a session instead of relying on one-time authentication.Integrated with security infrastructure: Integrating with a variety of tools in the security infrastructure to improve risk detection, accelerate responses to suspicious behaviors, and improve audit and compliance reporting.Current authentication methods are failing“Current authentication methods are failing badly,” Jasson Casey, CTO at Beyond Identity, tells CSO. “The traditional approach to security was to establish a perimeter around the network and trust users and devices within that perimeter. However, this approach is no longer sufficient. With a range of cloud-based resources and users working or accessing resources from anywhere, the perimeter-based model failed.”With a zero-trust approach, there is no network-based perimeter, and no implicit trust is granted, Casey adds. Instead, each user and device need to prove they are trustworthy, therefore, Zero Trust Authentication is a core element of any complete zero-trust strategy, Casey argues. “Simply stated, if an organization implements most of the zero-trust elements perfectly but continues to rely upon failed methods of authentication, their efforts will not yield the intended result — stopping adversaries from breaching systems, taking over accounts, or deploying ransomware.” Adopting Zero Trust Authentication allows organizations to implement modern, robust security strategies by overcoming the limitations of passwords and legacy multifactor authentication (MFA), assuming the principle of never trusting and consistently verifying, Casey says. “The approach enables several benefits for organizations including a higher level of security by reducing the attack surface and making it more difficult for attackers to move within the network. In addition, it enables more flexible working arrangements as employees can work remotely while maintaining high security. Lastly, it helps organizations to remain compliant with constantly updating regulations by providing a secure, auditable security framework.” Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe