The Password That Collapsed a Company: What We Can Learn from the KNP Logistics Ransomware Attack
“A ransomware attack on the group’s IT systems had such a devastating impact that the group concluded it could not continue to trade,” – BBC KNP Logistics (formerly known as...
What is the difference between MITM and AITM?
A traditional Man-in-the-Middle (MITM) attack primarily involves an attacker passively intercepting a communication channel to eavesdrop or steal static credentials, such as passwords. The Adversary-in-the-Middle (AITM) attack takes this a...
Understanding Authentication Strengths in Conditional Access
As cyberattacks become more targeted and identity becomes the core of security strategy, IT administrators are rethinking how users authenticate to sensitive resources. Organizations widely adopt Multi-Factor Authentication (MFA) to...
What Are the EAP Method Requirements For WPA3-Enterprise?
The only EAP method allowed in WPA3-Enterprise 192-bit mode is EAP-TLS, which uses X.509 certificates for client and server-side authentication. No other EAP authentication types are permitted, since they lack...
Is RadSec Necessary if I Already Use EAP-TLS?
EAP-TLS is a powerful certificate-based authentication technique that has been extensively used due to its high security posture. It enables mutual authentication between the client and server and secures credentials...
Why is Mutual Authentication Important in Secure Communication?
Mutual authentication is important in secure communication because it is a process where both entities verify each other’s identities before establishing a connection. In a network environment, the client and...
Why Should I Use EAP?
The Extensible Authentication Protocol (EAP) provides a standard framework for authenticating users and devices to a network. It uses various authentication methods, such as tokens, smart cards, digital certificates, and...
What is the difference between TLS and EAP-TLS?
TLS and EAP-TLS might seem identical initially since they depend on encryption and certificate-based authentication. TLS and extensible authentication protocols-transfer layer security (EAP-TLS) are often discussed in network security. They...
What are the three components in the 802.1X system?
The 802.1X system has three primary components: the supplicant, the authenticator, and the authentication server. The supplicant is the part of the device that requests access, the authenticator is the...
Is EAP-TLS The Same as PEAP?
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS ) and Protected Extensible Authentication Protocol (PEAP ) are both authentication protocols used in the 802.1x framework, but they are not the same. The...
What Is The Gold Standard Of Network Security?
Extensible Authentication Protocol-Transfer Layer Security (EAP-TLS) is considered the gold standard for network security. It allows digital certificates to be deployed on WPA2-Enterprise with 802.1X authentication. EAP-TLS uses asymmetric cryptography...
How Does WPA3 Improve Wi-Fi Security Compared To Previous Protocols?
Wireless Protocol 3 (WPA3) improves Wi-Fi security compared to the WPA2 protocol, as it provides individual data encryption, side channel protection, and a more robust authentication mechanism through its 192-bit...
What is 802.1x Authentication Used For?
802.1x Authentication is a network security standard that grants access to wired and wireless networks by validating authorized users and devices. The 802.1X protocol is the IEEE Standard for Port-Based...
Understanding NIST SP 800-171 3.5.2: Device Identification & Authentication
NIST SP 800-171 is a cybersecurity framework that protects Controlled Unclassified Information (CUI). It applies to organizations handling sensitive government data and has been widely adopted as a best practice...
Your Guide To Wi-Fi Security
Wi-Fi is now a necessity. However, its convenience also makes it a prime target for cyber threats. As the number of Wi-Fi-enabled devices skyrockets, so do security risks. Attackers exploit...
What is MAC spoofing, and how does it affect Wi-Fi security?
MAC spoofing is when an attacker tricks a network by faking a device’s unique ID (MAC address) to gain unauthorized access or disrupt communication. This attack can happen in different...
2024 Security Analysis of PEAP-MSCHAPv2
These days, wired and wireless (Wi-Fi) networks are ubiquitous. Organizations need these connections to perform critical business functions, but these connections are susceptible to various ever-evolving cyber threats. As a...
Network-as-a-Service (NaaS): Explained
NaaS, or Network as a Service, is a cloud-based networking model that modifies how businesses handle and use their networks. Instead of having a lot of network equipment on-site, you...
WPA3-Enterprise: Should you Adopt It?
WPA (Wi-Fi Protected Access) was created in the early 2000s when IT professionals quickly realized that WEP (Wired Equivalency Protocol) had terrible security vulnerabilities. WPA2 was ratified in 2004 as...
Is RadSec Necessary for Eduroam?
Students and staff who visit other colleges and universities frequently encounter challenges accessing safe Wi-Fi networks. Without an integrated system, they may encounter connectivity challenges, different login procedures, or concerns...
Complete Guide to Android 802.1X
In this article, we’ll examine a crucial authentication method for keeping your Android devices secure while connecting to networks. It’s called 802.1X authentication. This specific security approach ensures only the...
The Dangers of Self-Signed Certificates
Self-signed certificates continue to pose critical risks to organizations prioritizing secure communication. While they may seem convenient for quick deployments, their inherent vulnerabilities can lead to severe security and operational...
How Safe Is The EMF Exposure From Wi-fi?
Most people use Wi-Fi, which emits electronic and magnetic fields (EMF). But are the EMFs from Wi-Fi dangerous? The short answer is no, but we'll dig into the question further.
Drawbacks of NPS in a Cloud Environment
Organizations want different technologies to work well together and integrate smoothly so they can be used more efficiently. The combination of Microsoft Azure and Network Policy Server (NPS) frequently generates...
WPA vs WPA2- The Better Wifi Authentication
Wireless networks are omnipresent. You may have access to many wireless networks, whether in a neighborhood coffee shop, a school, or home. However, it’s hard to tell which ones are...
How To Use RadSec For A Secure Roaming Network
RadSec is an 802.11x protocol designed to securely transfer information from a RADIUS through TCP (Transmission Control Protocol) and TLS (Transport Layer Security) for protected communications. At a basic level,...
What Is RADIUS Certificate-Based Authentication?
As cyber security risks increase and secure access to network resources is required, organizations are adopting different authentication methods. RADIUS certificate-based authentication is one of those methods that increase the...
4 Best Practices For Eduroam Deployment
Scholars and students often visit different campuses for internships, seminars, conferences, and other events. Accessing secure Wi-Fi at foreign campuses has always been a challenge for these individuals who require...
Best EAP Method to Configure a Secure WiFi Network
Extensible Authentication Protocol (EAP) is a strong security layer and authentication framework used in Wi-Fi networks. It provides various methods to verify the identities of users and devices before granting...
Passwordless Magic Link Authentication: Explained
Want to know how magic links work? Read on to know more about magic links other passwordless authentication methods for network security.
You Don’t Need LDAP for 802.1X Anymore
Without protection, your organization’s network is vulnerable to cyber attacks. The 802.1X protocol heightens network security by introducing RADIUS servers for authentication, and Lightweight Directory Access Protocol (LDAP) has commonly...
Using Multi-Factor Authentication for Network Security
Many inquiries that we receive reference Multi-Factor Authentication (MFA) and how it can be used to improve the network security. MFA is a process that requires more than one form...
Which Devices Support Passpoint and OpenRoaming?
OpenRoaming & Passpoint Wi-Fi makes the use of mobile devices on the go more secure. Find out what devices and OS support Passoint.
Expanded Windows Hello for Business + Yubikey Login
SecureW2 has developed two solutions that offer major functionality upgrades to Windows Hello for Business: A Yubikey Management Solution that allows you to use your Azure AD or AD directory...
(Solved) Android 11 Samsung “Deep Sleep” Wi-Fi Connectivity Issue
Android devices have long had an “app sleep” feature designed to reduce power usage for infrequently used apps, and it’s not a new problem that it can cause apps to...
What is Microsoft NPS?
In an era dominated by cloud-centric solutions, Microsoft NPS sets out as an on-premise network security tool for Windows Server. Its primary goal is centralizing network regulations, user identities, and...
How to Use Yubikeys for VPN
Yubikeys are a useful and secure tool for protecting yourself from data theft. They add a layer of authentication and can be used with other authentication methods to further protect...
FreeRADIUS vs. Cisco ISE
Cyber-attacks cost small businesses an average of $84,000 to $148,000, and 60% of those attacked go out of business in 6 months. As organizations continue to grow, it becomes more...
Device-Based vs User-Based RADIUS Lookup
If all the users in your network fit into one single group, RADIUS authentication would be simple. Alas, things aren’t that easy; administrators often find themselves needing to specifically distinguish...
WPA2-PSK is Not Good Enough
In this day and age, employees are accessing their corporate resources wherever they can get a strong wireless signal, whether it be a public hotspot, an airport, or a friend’s...
Why NTLM Authentication is Vulnerable
One of the biggest problems with Windows environments is the insistence to continue to build upon older systems despite the emergence of cloud solutions. Attackers can easily gain access to...
Everything You Need to Know About PEAP Security
Since most transactions and communication are done over networks today, the security of these networks can’t be overlooked. Securing your network connections has never been more critical, as the data...
A Security Analysis of WPA-Personal
In the continuous effort to strengthen wireless network security, Wi-Fi Protected Access (WPA) represents a significant turning point. Data transmission over airwaves is becoming increasingly common in the ever-expanding digital...
Does Rotating Preshared Keys Improve Security?
Wifi Protected Access 2 – Pre-Shared Key (WPA2-PSK), a wireless security standard from 2004, is still used by many organizations today. And although it’s safer than its predecessors, WPA2-PSK relies...
Designing a Zero Trust 802.1x Network
As hackers get more sophisticated and hands-on, network security strategies have to adapt to meet the new challenge. An old idea that has recently been given new life is the...
Passwords vs. Digital Certificates For RADIUS Authentication
Businesses understand the importance of passwords for private data security but might not realize that using a network with passwords poses many security threats. As hacking techniques become more advanced,...
Deploy Yubikeys For Secure Wi-Fi in WPA2-Enterprise Network
Security keys are useful tools for hardening your devices with an additional factor of authentication. Did you know that same protection can be extended to your network? SecureW2, a Yubico...
Is EAP-TLS Safer than PEAP-MSCHAPv2 in 2024?
The short answer is: Yes. Organizations that are interested in moving from the unsecure PEAP-MSCHAPv2 protocol to the superior EAP-TLS protocol might be worried about huge infrastructure overhaul or the...
What is WEP Security?
As we all know, wireless networks simplify numerous business procedures while providing trustworthy security. As a result, a user must be familiar with wireless networks and how they might facilitate...
RADIUS Server Authentication: Explained
A RADIUS server prevents unauthorized access to your network - and, thanks to services like Cloud RADIUS, this powerful authentication tool is more accessible than ever.
Is there an Alternative to Windows NPS?
Microsoft’s Network Policy Server (NPS) is a AAA RADIUS server used for a number of different types of network connections. It can be used for wireless authentication, VPN connections, dial-up,...
What’s the Difference between OpenRoaming and Passpoint?
Advances in Wi-Fi infrastructure are coming at a rapid-fire pace these past few years, and it’s a little difficult to keep up. Some of the most exciting news has been...
Windows RADIUS Server Pros and Cons
There are thousands of deployed instances of Windows RADIUS Server across the world, but users still debate its capabilities to keep their large networks intact and secure, giving rise to...
5 Network Access Control (NAC) Best Practices
Cybercrimes have been a cause of concern for organizations in recent times, especially when they are expanding remotely. Even nations’ policymakers have expressed concern about the surge in cybersecurity attacks over the...
How to Configure Azure AD CBA
With the introduction of Azure AD CBA, Microsoft has taken steps to move past using passwords - and your organization can, too.
Enabling RADIUS MAC Auth Bypass for IoT
Enabling RADIUS MAC Auth Bypass for IoT devices can alleviate cyber threats and help improve your network security. Here's How
Setup Microsoft Defender for Cloud Conditional Access App Control
Managed PKI solution for Microsoft Defender for Cloud Conditional Access App Control
Coworking Wi-Fi Security Best Practices: How to Protect Shared Networks
Coworking spaces are on the rise with the increase in the number of remote workers. Many organizations have moved towards coworking as the shared office model offers similar benefits as that of a...
5 Ways to Protect iOS Networks From Password Sharing Risks
If you are an Apple device user, you must know about the Airdrop feature, which lets you share files. You can also use the Airdrop feature to share your WiFi...
Troubleshoot Okta RADIUS Internal Server Error
Okta is one of the leading Identity and Access Management (IAM) service providers for enterprises around the globe. They provide a great user experience, but sometimes you might encounter some...
The Best Cloud RADIUS Server For Authentication
Due to the COVID-19 pandemic, employees are working from home now more than ever before. According to a Stanford study, an incredible 42 percent of the U.S. labor force now...
Compare Apple MDMs: JAMF vs. Mosyle
Apple devices are becoming increasingly popular for enterprises as they are feature-rich and user-friendly. Over 81% of employees use company-owned or BYOD Apple devices to access their corporate network, which...
WPA2-Password Safety In An Enterprise Network
When you try to connect to a Wi-Fi network and are asked for a password, do you ever find it hard to figure out what to do? You’re not by...
Why is EAP-TTLS/PAP Not Safe in 2024
When designing a new network, there are countless features to consider that significantly impact the organization at large. Few functions of the network impact users more than the authentication method...
WEP vs. WPA vs WPA2- The Better Wifi Authentication
One key component of wireless security is encryption, which is the process of encoding data before it is transmitted over the air. Only authorized parties with the correct decryption key...
MAC Auth Bypass In 802.1X Network: An Overview
A look at how RADIUS MAC Auth Bypass and MAC Address Filtering can help secure and manage your IoT devices.
Complete Guide to iOS 802.1X
Securely connecting iOS devices to a network can be a difficult task, especially since the Covid-19 pandemic sped up the inevitable rise of hybrid work environments. Network security must be...
How to Create Network Policies Based on Intune Device Compliance
Intune's device compliance attribute is a powerful tool for managing the devices on your network. Here's how you can turn it into a robust network policy with SecureW2.
Can you Authenticate RADIUS with YubiKeys?
As YubiKeys achieve widespread adoption, the industry keeps finding more and more uses for the powerful little device. One of the more interesting use cases for YubiKey is AAA/RADIUS authentication....
Do RADIUS Servers use AD?
Do you know what facilitated back-office IT functions for any business twenty years ago? It was Active Directory, Microsoft’s user directory system. Because Active Directory simplified the task for organizations to...
NAC Vendors: Cisco ISE vs. Aruba Clearpass
The rise in the popularity of remote work has caused a massive portion of the workforce to stay home. This is made possible by advanced BYOD devices with top-notch technical...
How AAA Servers Work
WPA2-Personal is common in homes and cafes – a security type requiring a preshared key (PSK). But some networks cannot be secured with a password, they want a username and...
The History of RADIUS Authentication Protocol: IEEE 802.1X
The Internet has been one of our most transformative and fast-evolving technologies. According to Satista.com, the internet user base increased from 413 million in 2000 to nearly 4.9 billion in...
Jamf vs. Intune: The Best Way to Manage Apple Devices
The rise in hybrid work culture has increased the usage of mobile devices such as smartphones and tablets for corporate purposes. Organizations must strengthen the security of these devices to...
A Deep Dive into the Security of WPA2-PSK
In Wi-Fi security, one protocol stands out for its widespread adoption and significant role in protecting data: WPA2-PSK. This protocol, short for Wi-Fi Protected Access 2 – Pre-Shared Key, has...
How Does WPA-Enterprise Secure Your Network
Securely authenticating network users is a fundamental aspect of network security and is the source of significant challenges for many network administrators. Authentication security has never been more important; In...
How To Solve the NPS Error Code 66 in Meraki?
The RADIUS server plays a vital role in the authentication within a network infrastructure. NPS (Network Policy Server) is Microsoft’s own RADIUS solution that performs a similar role of filtering...
How To Test MITM Attacks And Protect Networks
A man-in-the-middle (MITM) attack is a highly effective type of cyber attack that involves a hacker infiltrating a private network by impersonating a rogue access point and acquiring login credentials....
How To Use RadSec For A Secure Roaming Network
Integrating a RADIUS server with your network security infrastructure is a wise decision. RADIUS or AAA (Authentication, Authorization, and Accounting) servers guard your network against unauthorized access by verifying individual...
MacOS AD Bind Issues Post Microsoft Kerberos Update
On October 11th, 2022 Microsoft pushed an update to enforce domain controller validation for Active Directory. The purpose of this update is to shore up a security bypass vulnerability that...
List of Devices Supporting 802.1x
It is hard to imagine life without Wi-Fi, both in personal or professional spaces but we can not deny that it has parallelly caused the transmission of more and more...
LDAP Authentication with Azure AD
LDAP (Lightweight Directory Access Protocol) authentication can confirm user identities across a network. It uses a centralized directory system for user authorization and authentication. On the other hand, Microsoft offers...
Understanding Phishing-Resistant MFA in Azure AD
On an average day, most employees have to log into numerous different applications and resources at work. The influx of applications necessary for work has led to an exponential increase...
What’s the Difference between RADIUS, TLS, and EAP-TLS?
There are many components involved in running a secure network. It’s very easy to get bogged down by different terminology and be confused about what exactly each component does. This...
How To Set Up 802.1X Using Azure AD
You can configure 802.1X using Azure AD by syncing it with an LDAP server or enrolling every device with an x.509 certificate.
Windows Defender Credential Guard and PEAP MS-CHAPv2
In today’s evolving world of cybersecurity, protecting data and user credentials is of utmost importance as it is the biggest threat to an organization’s security. Microsoft has implemented two security...
FreeRADIUS with Google LDAP: How Does it Work?
Is an authentication system built around FreeRADIUS with Google LDAP more economical? Learn the truth about this setup here.
What is the Most Secure Method of Wi-Fi Authentication?
The first layer of defense for a wireless network is the authentication process. With a strong authentication barrier, an organization can feel confident that only approved network users are able...
PEAP-MSCHAPv2 Vulnerability Allows For Credential Theft
In 2013, Microsoft released a report of a known security vulnerability present within Wi-Fi authentication. The 802.1x authentication protocol known as PEAP-MSCHAPv2, a widely supported standard, can be exploited to...
2024 Guide to Android Network Settings
Android network settings are critical for ensuring a seamless connectivity and security for users. These settings cover a variety of parameters controlling VPN connections, mobile data, and Wi-Fi, among other...
How to Enable MFA for Google Workspace
Cyber-attacks are becoming more sophisticated, with hackers exploiting every available option to infiltrate your network. One-step authentication methods, such as using a login ID and password, are no longer enough...
Troubleshooting Commonly Encountered Okta Sign-In Errors
Okta is one of the leading identity and authentication platforms compatible with both cloud and on-premise directories. They provide a great user experience, but sometimes you might encounter networking errors...
High Level Comparison Of User Certificate vs. Device Certificate
The popularity of digital certificates has been soaring day by day with the advancement of cloud technology. It has already replaced the traditional usage of credential-based protection in various IT...
How To Enable RADIUS CBA On Google Workspace?
If the cybersecurity community could be compared to a court, the jury has reached its verdict: it’s time to move past outdated pre-shared keys as a means to network authentication....
An Overview Of RADIUS Certificate-based Authentication
With an increasing number of cybersecurity risks and the necessity for secured access to network resources, organizations are implementing various authentication methods. RADIUS certificate-based authentication is one of these techniques,...
MAC Spoofing Attacks Explained: A Technical Overview
New cyberattacks and breaches are reported every day in our news feeds. Cybercriminals target people as well as large corporations and other businesses. One of the many techniques hackers employ...
How To Configure 802.1X for Ubiquiti UniFi
In an era where network infrastructures must run smoothly, protecting sensitive data and securing connections is crucial. Ubiquiti UniFi is a market leader in networking solutions, providing a dependable and...
How to Resolve NPS Reason Code 22
Remote Authentication Dial-in User Service (RADIUS) is integral to network infrastructure, especially for authentication, authorization, and accounting (AAA) purposes. NPS (Network Policy Server) is Microsoft’s RADIUS server, replacing its age-old...
EAP-TLS vs. EAP-TTLS/PAP
Choosing the right authentication protocol is more than a matter of security. Authentication is the critical check ensuring only rightful users can access certain data or networks. The decision between...
What is NAS-ID?
The Network Access Server (NAS) is the frontline of authentication – it’s the first server that fields network authentication requests before they pass through to the RADIUS. The NAS Identifier...
How Does SSH Certificate Authentication Work?
Secure Shell (SSH) certificate authentication provides a robust method for authenticating users and hosts connecting to an SSH server. As a protocol, SSH prevents unauthorized parties from accessing systems remotely....
How to Configure RADIUS on Windows 2016: A Detailed Guide
A WPA-2 Enterprise network is incomplete without a RADIUS server, thanks to its triple role of Authentication, Accounting, and Authorization (AAA). Any robust network security demands all three functions for...
EAP-TLS Explained: How It Works and Why It’s Secure
Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) is an IETF open standard defined in RFC 5216. More colloquially, EAP-TLS is the authentication protocol most commonly deployed on WPA2-Enterprise networks to enable...
A Complete Guide to Configuring Microsoft RADIUS Server
Need a solution for your network authentication, authorization, and accounting (AAA) requirements? RADIUS has been around for decades, used by thousands of organizations. Without a RADIUS server, authentication would have...
802.1X EAP-TLS Authentication Flow Explained
For many organizations, the IEEE 802.1X authentication mechanism for Port-Based Network Access Control is the first line of defense against outside attack. It’s also one of the most commonly targeted...
Should WPA2-Enterprise Be Used For My Home Network?
Securing home wireless networks has never been as important. An increase in remote work requires more people to handle sensitive business data at home. On top of this, our lives,...
EAP-TLS vs. PEAP-MSCHAPv2: Which Authentication Protocol is Superior?
Ensuring network users are able to securely authenticate to the wireless network is paramount to the overall safety and security of your organization. So many attacks are aimed at exploiting...
How to Use IEEE 802.1x Authentication for a Wired or a Wireless Network
IEEE 802.1x authentication is a standard for port-based network access control. It essentially requires devices to authenticate themselves before gaining access to network resources. This standard is versatile, working seamlessly...
What is PKI-as-a-Service (PKIaaS)?
Public Key Infrastructure (PKI) keeps data secure, authenticates identities, and ensures end-to-end encryption. It plays a vital role in securing digital communications and involves a set of roles, policies, hardware,...
4 Ways to Secure Wi-Fi Connectivity
Wi-fi networks are ubiquitous as more and more users connect to networks remotely for work, access data and applications, and manage IoT devices. As their popularity grows, so do the...
What is a PKI Token?
Today’s world relies heavily on online interactions, such as collaborating with family, friends, and colleagues on social media or checking our bank accounts. However, this ease of use raises security...
Mitigate the Risks of a Pre-Shared Keys-Based Network
Wi-Fi security is designed to safeguard data as it traverses the airwaves in wireless networks. Wi-Fi Protected Access (WPA) emerged as a response to the glaring deficiencies of its predecessor,...
LEAP Authentication and How It Works
Wi-Fi connection integrity is critical for organizations securing sensitive data or individuals protecting personal information. This requirement has created many authentication methods, each attempting to balance usability and security. LEAP...
Best Wi-Fi Security Settings MacOS
In a world driven by digital connection, safeguarding the security of our Wi-Fi networks is critical, especially for Mac users. Despite its strong standing, the macOS environment is not immune...
What is an X.509 Digital Certificate?
X.509 certificates are forms of identification that leverage public-private key cryptography. They are a secure replacement for passwords.
What is Cryptographic Agility and Why Does it Matter?
Cryptography is a cornerstone of securing information systems. It involves encoding data to ensure only authorized parties can access it. By converting data into an unreadable format, cryptography protects sensitive...
Best Practices for Enrolling Users for WPA2-Enterprise
Wifi is essential in daily life and is critical for any business today. At home, we use a single static password to protect your wifi. This security is called WPA2-Personal....
HIPAA Compliant Wireless 802.1X
The Health Insurance Portability and Accountability Act (HIPAA) has impacted the way healthcare organizations operate since its introduction in 1996. Its goal, ultimately, was to protect patient data by imposing...
Digital Signatures: Explained
An effective Zero Trust architecture is built on a foundation of identity context. Digital signatures support a Zero Trust initiative by cryptographically assuring the identity of the signee, answering questions...
Can PKI Replace Passwords?
There is a new trend that’s taking the IT world by storm: Passwordless Authentication. NordPass estimates that the average user has between 70 and 80 passwords. That’s why people so...
What is a Hardware Security Module?
More than ever, businesses and organizations have a responsibility to secure their data. Highly adaptable organizations have begun to implement a PKI as a means to upgrade network security. According...
How to Address MAC Randomization for Cloud Networks
Mac Address Randomization is an increasing trend among device manufacturers that are quickly becoming the industry standard. While it can help in reducing the risks of data breaches and spying...
Is Okta A RADIUS Server?
A RADIUS server operates through connecting to a central database to inform who is allowed to connect to your network. It is a simple and easy-to-configure authentication solution that cannot...
Google Workspace Network Security Best Practices
Considering the massive amount of revenue loss that can occur with just a single security breach and the continued prevalence of cyber attacks, organizations need to be emphasizing network security...
Should I Bind Non-Windows Devices to Active Directory?
Digital certificates are starting to take over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations are wanting...
Configuring MFA with AD FS
It’s widely held knowledge that using a single factor for authentication to wireless networks is less than secure and easily exploitable by hackers. Many organizations recognize this and utilize Multi-Factor...
Tying IP Addresses to Azure Active Directory Users
Effectively tracking and managing identity context is one of the most important aspects of a secure Azure-based network. Without accurate identity context, it’s near impossible to determine if someone is...
Zero Trust Strategy Best Practices With AD CS
Zero trust is a burgeoning security practice among cybersecurity-focused organizations. The main concept behind zero trust is limiting a user’s resources to only what they need access to. For example,...
Setting up Secure BYOD Wi-Fi for K-12 Students
The days of getting in trouble for bringing technology into class are long gone. Many school districts actually rely on students to bring their own devices in order to incorporate...
Simplify Certificate Enrollment with AD CS
Many organizations recognize the inherent cybersecurity weakness of credential-based authentication and have made the switch to certificates as a result. The decision to move away from reliance on credentials is...
Issuing Certificates to Corporate-Owned Devices with Okta
Large organizations face a common problem when it comes to authentication: managing a variety of credentials for an assortment of different web applications. Each different application requires a unique set...
How to Setup Microsoft Enterprise PKI
The definition for a Public Key Infrastructures (PKI) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
SolarWinds Compromise
Earlier this month, SolarWinds was breached by (who experts theorize to be) the hacker Russian organization, Cozy Bear. This attack has left 18,000 organizations potentially compromised with 250 of which...
Top 3 Pitfalls of Authenticating with OAuth
What is OAuth? Let’s demystify OAuth by starting with a definition. At its core, OAuth provides clients secure access to a server’s resources on behalf of a resource owner. OAuth...
G Suite + FreeRADIUS for WiFi Authentication
IT experts are stressing network security now more than ever, especially considering the massive amount of revenue loss that can occur with a security breach and how 10 million attacks...
Configuring FreeRADIUS for EAP-TLS Authentication
FreeRADIUS is one of the most widely used RADIUS authentication providers, with customers ranging from top enterprises to universities. While FreeRADIUS is certainly an effective authentication tool, cybersecurity hinges on...
Okta Vs. LDAP
For many years, LDAP has been the dominant protocol for secure user authentication for on-premise directories. Organizations have used LDAP to store and retrieve data from directory services and it...