Stolen or leaked credentials lead cyber attackers into the corporate network without any hurdles. WatchGuard strengthens its identity and access management with additional functions such as a password manager and a dark web monitor service for improved implementation of zero trust policies.
With the recently introduced "AuthPoint Total Identity Security“-Bundle builds WatchGuard Technologies its offer in the field of identity and access management in a targeted manner. The new service package expands the already established multi-factor authentication (MFA) "WatchGuard AuthPoint" with a dark web monitor service and a suitable password manager. Through the coordinated interaction of these functionalities along the risk-based zero trust policies of WatchGuard Unified Security Platformarchitecture, managed service providers can effectively show off with modern IT security concepts. The corresponding services can be provided quickly and easily via WatchGuard Cloud and scaled as required.
Credentials – the most used attack tool
🔎 The AuthPoint password manager was specially developed for use in companies (Image: WatchGuard).
“Stolen or leaked credentials are one of the top causes of data breaches. However, the use of passwords remains commonplace and is the most widely used form of user authentication in organizations,” said Carla Roncato, vice president of identity at WatchGuard.
“Although multi-factor authentication is now a business requirement, most organizations still struggle with weak passwords, passwords that are reused across multiple accounts, shared admin access, and data leaks and business applications that are becoming apparent on the dark web that don't support MFA. AuthPoint Total Identity Security can help here and, thanks to advanced password management functions and dark web monitoring, protects beyond the classic MFA functionality and single sign-on web access.”
Important parameters for securing digital identities
With WatchGuard's new all-in-one package, problems related to compromised credentials can be significantly reduced - thanks to consistent monitoring of credentials and proactive alerts in the event of a password leak on the dark web. In addition, AuthPoint Total Identity Security offers users an easy-to-use tool for generating complex passwords that are automatically used via browser extensions for Microsoft Edge, Google Chrome, Apple Safari and Firefox and are protected via Master Password.
By storing the credentials for each application in a password manager, the user only needs to create and remember a single complex master password. Not only is this user-friendly, but it is crucial in reducing the risk of phishing and social engineering attempts.
Important functional building blocks of "AuthPoint Total Identity Security"
Authentication Point MFA Service
Delivered via WatchGuard Cloud, AuthPoint MFA makes it easy to configure and manage offline and online verification methods. Access policies for end devices, VPN structures and web applications can be easily implemented and implemented. Likewise, nothing stands in the way of setting up single sign-on application portals for a wide variety of customer installations on the MSP side.
Dark web monitoring service
The AuthPoint Dark Web Monitoring service proactively notifies customers when compromised credentials from monitored domains appear in relevant or new credential databases. The corresponding notification is then sent both to administrators and directly to the users affected by the security breach, so that they can quickly update their passwords before the accounts are further targeted by attackers. Up to three domains can be monitored with a single license.
Password manager
The AuthPoint password manager was specially developed for use in companies and ensures the establishment of a higher standard for passwords in the long term. This not only means more control over the quality of passwords. It also reduces the number of password reset requests. Users no longer have to remember individual passwords, but benefit from the safe, which is protected with a master password. When users want to access an application, the respective password can be retrieved using the AuthPoint mobile app for iOS and Android and/or browser extension. The registration data is filled in automatically in the sense of a smooth and at the same time secure single sign-on based on strong passwords.
Targeted support in the form of:
- "Corporate Vault": For frequently used applications that are not subject to single sign-on, it is easy to add login data and create strong passwords. Also, administrators can share credentials for sharing an application.
- "Private Vault": Login data can also be added and secure passwords generated for personal applications. If the employee leaves the company, this information can be exported and used in another password manager.
“In the new 'AuthPoint Total Identity Security' package, WatchGuard not only combines two elementary building blocks for protecting digital identities with the password manager and multifactor authentication, but also enables us to monitor login data. In this way, we can validly resolve the risks associated with passwords for the benefit of our customers. After all, no one is immune to the associated danger. A single compromised password is enough for a successful ransomware attack. AuthPoint Total Identity Security is therefore exactly the kind of product that companies need now and in the future.”
More at WatchGuard.com
About WatchGuard WatchGuard Technologies is one of the leading providers in the field of IT security. The extensive product portfolio ranges from highly developed UTM (Unified Threat Management) and next-generation firewall platforms to multifactor authentication and technologies for comprehensive WLAN protection and endpoint protection, as well as other specific products and intelligent services relating to IT security . More than 250.000 customers worldwide rely on the sophisticated protection mechanisms at enterprise level,