Beyond Identity Expands Integrations With Leading SSO Providers

Invisible, unphishable multi-factor authentication (MFA) provider Beyond Identity today announced integrations with additional single sign-on (SSO) solutions from CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware to accelerate enterprise and higher education adoption of completely passwordless MFA. These new integrations – which come on the heels of Beyond Identity announcing $100 million in Series C funding – further expand the industry’s most extensive ecosystem of identity and SSO providers committed to the advancement of passwordless MFA.

Passwords remain the most vulnerable link in the authentication chain and are involved in 80% of data breaches. Passwords are a compromised authentication method and an initial attack vector for ransomware and account takeover attacks. Adversaries employ phishing techniques to steal credentials or simply purchase previously stolen passwords to gain access. Recent high-profile security breaches, such as TransUnion South Africa, further underscore the fact that passwords are the root cause of cyberattacks.

The prevailing assumption is that MFA will protect organizations from password-based attacks. Unfortunately, attackers are easily bypassing existing MFA solutions at scale. To shore up the federal government’s cybersecurity defenses and deliver on President Biden’s Executive Order on Cybersecurity, the Office of Management and Budget (OMB) recently released a Zero Trust Architecture Strategy that requires agencies to stop using easily phishable MFA, including push notifications, one-time passwords over SMS, and voice-based systems. “Strong authentication” is a foundational component of any zero trust strategy, and the U.S. government now requires “passwordless MFA.”

“Beyond Identity’s approach aligns with the OMB’s recent guidance: passwordless MFA with no phishable factors,” said Kurt Johnson, Vice President of Strategy and Business Development at Beyond Identity. “We are thrilled to welcome cybersecurity leaders CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware into our technology ecosystem. We look forward to bringing secure and frictionless MFA to these important solutions with our Secure Work product that transforms the user experience while significantly bolstering defenses.”

Secure Work, one of three products built on Beyond Identity’s cloud-native platform, safeguards an organization’s SaaS apps, cloud resources, and critical data by eliminating passwords and restricting access to authorized and secure devices. It empowers zero trust by cryptographically binding a user’s identity to their devices with proven public/private key technology. The solution ensures every device has the correct security settings and required security software running at the time of login – before granting access. Beyond Identity’s advanced authenticator collects dozens of device security posture checks at the time of login. These granular security attributes can then be used to enforce security policies and stop risky users and devices from authenticating, protecting all critical resources.

About Beyond Identity

Beyond Identity is fundamentally changing how the world logs in with a groundbreaking invisible, unphishable MFA platform that provides the most secure and frictionless authentication on the planet. We stop ransomware and account takeover attacks in their tracks and dramatically improve the user experience. Beyond Identity’s state-of-the-art platform eliminates passwords and other phishable factors, enabling organizations to confidently validate users’ identities. The solution ensures users log in from authorized devices, and that every device meets the security policy requirements during login and continuously after that. Our revolutionary approach empowers zero trust by cryptographically binding the user’s identity to their devices and analyzing hundreds of risk signals on an ongoing basis. The company’s advanced risk policy engine enables organizations to implement foundationally secure authentication and utilize risk signals for protection, rather than just for detection and response.