Oct 12 2021

VMworld 2021: Why Factor-Based Authentication Is the First Step to Zero Trust

Among the takeaways from the annual event: Organizations must think differently about security in an era of distributed work.

Businesses have endured seismic changes over the past 20 months as they refashion their workplaces in the wake of an emerging consensus that workforces will be more distributed and less centralized for the long term.

At VMworld 2021, this year’s installment of the annual event for customers, analysts and partners of VMware, attendees learned how these shifts are affecting them — especially in the areas of end-user experience, data management and security — and how they can respond effectively with the right technologies and policies.

To help organizations manage it all, VMware highlighted its Anywhere Workspace line of solutions, introduced in April, which support hybrid work environments. Anywhere Workspace brings together several existing VMware solutions under a single banner: Workspace ONE, which provides unified endpoint management, desktop and application virtualization, plus a variety of employee experience and productivity solutions; Carbon Black Cloud endpoint security; and secure access service edge, which secures software-defined WANs.

The company also announced the rollout of VMware Cross-Cloud Services, a set of integrated services that enable organizations to build, run and secure applications across multicloud environments.

VMware CEO Rangarajan Raghuram said the Cross-Cloud Services initiative reflects the company’s recognition that “multicloud is the model businesses are going to use for the next 20 years,” as well as VMware’s determination to build software that will accelerate companies’ cloud journeys, save them money and set them free to choose any cloud.

How to Keep Employees Secure with Factor-Based Authentication

Security was also a key theme throughout VMworld, and it’s no wonder: IBM’s Cost of a Data Breach Report for 2021 found that an average breach costs organizations about $4.24 million — and that for organizations lacking mature zero-trust security strategies, the cost is more than $5 million.

Traditional perimeter security, the chief alternative to zero trust, “has not stood the test of time,” explained Paul Schrynemeeckers, a senior engineering consultant with CDW, because threat actors have become adept at “gaining a foothold in corporate networks through compromised systems or stolen credentials.” Consequently, Schrynemeeckers said, “organizations are investing a lot in security outside their domain, such as factor-based authentication, and are seeking to get a more holistic view of their security landscape inside and outside the environment.”

Unlike perimeter-based security, which trusts people and devices already inside a network, zero trust is a framework that requires users and devices to verify their identity to access different network resources, even if they’re already inside, explained Nelson Carreira, an enterprise architect with CDW.

LEARN MORE: Get access to a wide range of cybersecurity solutions for your organizations.

A key step toward zero trust, Carreira said, is deploying factor-based authentication, which requires users to authenticate their identity with more than just a username and password, most often by responding to a push notification on their phone. Organizations can now easily deploy factor-based authentication through an integration between VMware’s Workspace ONE and the Okta Identity Cloud.

“It’s actually not complicated for users,” he said. “You can test what the workflow will look like before implementing it organizationwide, and once it’s implemented properly, the experience is very easy for users.”

For example, an adult-beverage company that has employees all over the world needed to increase its security posture but had struggled in a previous attempt to roll out factor-based authentication. “So we implemented the integration between Okta and Workspace ONE,” Schrynemeeckers explained. “We implemented both factor-based authentication and mobile single sign-on, and we took time to discuss what the workflow would look like with MFA so they understood how it would look in different use cases. We rolled it out slowly, to small groups at first, so there wasn’t a big impact.”

Follow all of our coverage during the conference here, or follow our coverage on Twitter @BizTechMagazine.

Getty Images/ NoSystem images