Expanding Zero Trust and cybersecurity mandates require FIDO2-based authentication across public cloud, private cloud, and air-gapped networks
ST. PETERSBURG, Fla., April 26, 2023 - Cybersecurity leaders Swissbit and SurePassID today announced a joint solution that allows government agencies and large enterprises to accelerate their Zero Trust initiatives while complying with phishing-resistant user authentication requirements.
Swissbit's new iShield Key Pro hardware authentication device, combined with SurePassID Authentication Server's unmatched scalability and availability, enables the rapid deployment of phishing-resistant, passwordless multi-factor authentication (MFA) across public cloud, private cloud, and air-gapped networks. Cybersecurity administrators can add FIDO2-based authentication quickly and easily to domain logins and web, mobile, and legacy applications, without incorporating insecure and costly public cloud gateways or orchestration layers. The joint solution also addresses access scenarios where FIDO2 is not available, automatically falling back to a compliant HMAC-based one-time password (HOTP) authentication method without any interruption to the user experience.
"Phishing-resistant, passwordless user authentication is a vital need for public and private sector enterprises that are seeking to meet their Zero Trust requirements and extend their cybersecurity infrastructures," said Claus Gründel, general manager of Swissbit's Embedded IoT Solutions division. "Swissbit and SurePassID deliver the joint solution needed to seamlessly deploy FIDO2-based authentication to all users, from those remotely logging into cloud applications and workplace systems to those on-premises and using applications and devices within high-security facilities."
"Adopting FIDO2 across network topographies must be done with Zero Trust principles in mind, because existing cloud-based authentication solutions and public cloud gateways are not appropriate for user authentication in private clouds and air-gapped networks," said Mark Poidomani, founder and CEO of SurePassID. "Our joint solution with Swissbit provides phishing-resistant, passwordless user authentication natively and wherever it is needed, along with the global scalability and 99.999 % availability that government agencies and large enterprises require."
To secure access to critical data and applications, various United States federal laws require government agencies and contractors to implement Zero Trust and phishing-resistant, passwordless user authentication as outlined in the White House's "Improving the Nation's Cybersecurity" (EO 14028) and the Office of Management and Budget (OMB)'s "Federal Zero Trust Strategy" (M-22-09). FIDO2 provides a convenient and cost-effective alternative to personal identity verification (PIV) or common access (CAC) cards, the only other form of phishing-resistant MFA.
Swissbit and SurePassID's joint solution provides an array of features that streamline iShield Key Pro deployments for large numbers of users across heterogenous networks, such as automated provisioning and deprovisioning and centralized credential management. Other features that address the requirements of government agencies and large enterprises include core security features such as a secure software bill of materials (SBOM) and default protection of secrets in Microsoft Key Vault, comprehensive logging and audit trail for all aspects of user authentication, and available premium 24/7/365 support.
"Swissbit and SurePassID believe that phishing-resistant, passwordless MFA should be ubiquitous," said Gründel. "Our joint solution provides the capabilities, robustness, and price points that will enable widespread adoption of FIDO2-based authentication throughout the private and public sectors."
Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications. Swissbit combines its unique competences in storage and embedded IoT technology with its advanced packaging know-how. This expertise allows our customers to reliably store and protect data in industrial, NetCom, automotive, medical and fiscal applications as well as across the Internet of Things (IoT).
Swissbit develops and manufactures industrial-grade storage and security products "Made in Germany" with high reliability, long-term availability, and custom optimization.
Swissbit's storage range includes SSDs with PCIe and SATA interface such as mSATA, Slim SATA, CFast™, M.2 and 2.5" as well as CompactFlash, USB flash drives, SD Memory Cards, micro SD Memory Cards and managed NAND BGAs like e.MMC. Security products are available in various application-specific editions as USB flash drives, SD Memory Cards, and micro SD Memory Cards.
Swissbit was founded in 2001 and has offices in Switzerland, Germany, USA, Japan and Taiwan. Swissbit owns the registered trademarks Swissbit® and Hyperstone®.
For further information, please visit www.swissbit.com
SurePassID is the leading provider of user authentication solutions for IT/OT systems and critical infrastructure. The company's platform is highly extensible, highly scalable, and highly available, and can be deployed wherever secure user access is needed - on-premise, in the cloud, within air-gapped networks, or across embedded systems and the Internet of Things. SurePassID's customers include federal law enforcement agencies, Top 5 defense contractors, and Fortune 10 healthcare companies. SurePassID sells its solutions direct and via a global network of resellers and integrators. Visit surepassid.com to find out more.