A Krakow-based company called Secfense has developed and introduced to the market a User Access Security Broker – a technology that allows for easy and global adoption of multi-factor authentication (MFA). Secfense broker can be implemented on any number of applications without interfering with the application’s code. The first large enterprises such as BNP Paribas bank and PKP Intercity, are already using this innovative tool.
Password problem in enterprises
After so many years passwords are still a key element in securing and confirming your online identity. This is becoming a bigger problem every year since passwords are very easy to compromise.
Cybersecurity in the remote work era
In the era of remote work, more and more organizations are switching from passwords to identity verification based on multiple methods other than passwords, the so-called multi-factor authentication (MFA). This is caused by the fact that MFA is currently recognized as one of the most effective ways to protect organizations against phishing and credential data theft.
Multi-factor Authentication integration costs
Due to the high cost and the difficulty of integrating MFA with applications, this authentication approach is most often used only in the most critical areas. This means that only some parts of the IT infrastructure are protected with strong authentication while most applications and systems are still protected only by weak passwords. Therefore despite attempts companies still remain vulnerable to attacks.
The complexity of MFA adoption
“Until now, the implementation of MFA within the entire organization was expensive, complex, time-consuming, and often even impossible. No bank, enterprise, or institution with a complex technological stack was able to meet this challenge,” says Marcin Szary, CTO and co-founder of Secfense. “We decided to change that and developed a technology that solves this problem. User Access Security Broker solves the problem of difficult adoption of MFA and makes it easy to use multi-factor authentication on any app.”
Secfense increases the level of security globally
You can summarize Secfense proposition in two points:
- Quick and easy adoption of any authentication method to any number of apps without interfering with their code.
- Easier and stronger authentication with the end goal of eliminating password-based authentication.
Elimination of passwords (therefore passwordless authentication), and the certainty that the person behind the screen is authorized to use the application and its resources (and not the bad actor that stole the credentials). These are some of the advantages of the use of Secfense’s User Access Security Broker.
Company representatives assure that the broker increases the organization’s security by protecting against the effects of phishing (including stolen sessions from logged-in users, and man-in-the-middle attacks).
Another value of Secfense technology is that it works in synergy with all the MFA suppliers that are already in use in the organization. Secfense broker can be deployed anywhere, regardless if applications are in containers, public clouds, or private data centers.
“The User Access Security Broker blends in with the existing infrastructure. It gives you full control over the entire user session – not only the authentication phase. What’s especially important – it frees from so-called vendor lock-in, thanks to which all existing and all future authentication standards (such as FIDO), are at your fingertips, ” explains Marcin Szary.
The only thing that holds companies from using the best available authentication standards is the support from the applications themselves. This is exactly what the Secfense User Access Security Broker helps with. It connects applications with authentication standards with no coding.
How does the User Access Security Broker work?
One thing that usually confuses people and needs to be clarified is that the User Access Security Broker is not an MFA solution. Secfense is not yet another 2FA. As the founders say, there’s an abundance of methods on the market so there was no point to compete with that. What was missing, until now, was an easy integration of existing and future methods with applications these methods are meant to protect.
Secfense’s competitive landscape
Secfense goes well beyond strong authentication and enters areas populated by services such as VPN, identity management systems (IAM), and privileged access management systems (PAM).
Secfense broker learning phase
When a user “goes through” a Secfense broker in the login process, the tool creates an authentication certificate and does not lose control of the user’s session since then. This allows the broker to enter something that goes beyond strong authentication – i.e. continuous authentication. The Secfense broker verifies whether the same, authenticated person is still sitting behind the computer screen, the authors of the solution explain.
Secfense and Passwordless Authentication
Secfense solution is, as its representatives assure, also the fastest and easiest way for companies to fully transform into passwordless, i.e. the authentication process without the use of a password. Depending on the strategy adopted by the client, it is possible to marginalize passwords thanks to the use of more sophisticated authentication factors. It’s even possible to give up passwords completely if the client decided to do so. The administrator can also configure the Secfense broker so that as soon as suspicious behavior occurs, the user will immediately lose access to resources or be forced to reauthenticate.
Zero Trust with Secfense
The new technology also supports a security model based on Zero Trust principles, ensuring the security of people, devices, and applications regardless of location. Thanks to Secfense broker, every person accessing the enterprise network is constantly monitored. The organization, in turn, always knows who the user sitting on the other side of the monitor is.
The first large Secfense implementations
The User Access Security Broker has already been implemented by some big enterprise clients including BNP Paribas Polska bank and PKP Intercity. The bank appreciated the Secfense solution for its flexibility, independence, and quick scalability:
“We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.” Krzysztof Słotwiński, Business Continuity and Computer Security Officer at BNP Paribas Bank Polska.
Let’s make a short recap.
Secfense has been operating in the cybersecurity industry since 2018. It was founded by two professionals, Marcin Szary and Tomasz Kowalski, who for almost two decades have been focusing on IT solutions built for enterprises, with an emphasis on cybersecurity and identity management. The company’s technology is developed by an international team and supported by investors and mentors, among others from the Bitspiration Booster VC fund. It is also a grant beneficiary under the Intelligent Development Operational Program 2014-2020. To learn more about the company’s highlights and most important product milestones please visit the Secfense timeline.
This article was originally published in Polish in IT WIZ magazine. You can find the original version here.