Enterprise Network Security Blog from IS Decisions

Azure MFA Server vs. Azure AD MFA: What’s the difference?
With Microsoft’s announcement to discontinue MFA via the Microsoft MFA server and a rebranding to Microsoft Entra ID (formerly Azure AD), many organizations are at a crossroads: embrace the cloud-based Azure AD MFA or maintain on-premise authentication. This decision isn’t one-size-fits-all. While cloud migration may be the ideal path for some, others need an on-premise … Continued

Is there a business case for cloud repatriation?
In the ever-evolving landscape of IT infrastructure, the pendulum often swings between embracing the cloud and reconsidering the benefits of on-premise solutions. This phenomenon, known as cloud repatriation, continues to spark discussion among organizations seeking the optimal balance between cost-effectiveness,…

The new FTC MFA requirement: Here’s what auto dealers need to know
After the FTC’s latest update to the Gramm-Leach-Billey Act (GLBA), any organization, including auto dealerships, that processes and stores customers’ personal financial data must meet several compliance requirements as of June 9, 2023. A key part of those requirements: a…

How does MFA prevent man-in-the-middle (MiTM) phishing attacks?
For cybercriminals, the appeal of phishing is simple: it’s reliable. At no cost, attackers can target as many employees as they want to gain access to a user account. It’s a numbers game, and they need only fool a single…

Two-factor authentications in schools: The essential guide
Like any other sector, education heavily relies on digital infrastructure, making it a hot spot for malicious activities. Check Point’s 2022 Mid-Year Report reinforces the urgency to secure educational institutions, highlighting a crazy 44% surge in cyber-attacks specifically aimed at…

What is TISAX certification? Here’s what you need to know
When Tesla’s model S came out in 2015, Elon Musk called it “a very sophisticated computer on wheels.” With cars increasingly more electronic device than machine, car makers are starting to act like software companies. We see a prime example of that shift in auto makers’ efforts to secure the vast amounts of personal and … Continued

A guide to the (revised) FTC Safeguards Rule’s new FTC MFA requirement
According to the FTC’s latest update to the Gramm-Leach-Billey Act (GLBA), many organizations now face new compliance requirements, including the FTC MFA requirement. In an effort to protect sensitive consumer data and curtail rampant data compromises, the FTC recently revised the requirements detailed in the Safeguards Rule, a subset of GLBA. Under these new guidelines, … Continued

Why 2FA for financial services is (still) so important
The large-scale cyber attack on JP Morgan Chase in 2014 exposed the vulnerability of financial institutions’ digital infrastructure. As a result of the historic attack, hackers gained access to the personal information of 76 million households and 7 million small…

UserLock named winner of selective Expert Insights award
We’re pleased to announce UserLock has won Expert Insights’ Editor’s Choice award in the Identity and Access Management category. Expert Insights is a leading resource for cybersecurity news, research and analysis. Their highly-selective Editor’s Choice award, limited to just six IAM…

Best 2FA authenticator apps with push notifications of 2023
Between remote work and evolving cyber threats, an additional layer of security beyond the password is not a “nice to have.” One of the most effective methods to safeguard your user accounts is two-factor authentication (2FA). 2FA requires users to…

Quickly approve 2FA push notifications with the UserLock Push App
We’re excited to announce the public release of UserLock 2FA push notifications via the UserLock Push app. Here’s how push notifications make MFA frictionless for your team. MFA is a must for security, but it can’t get in the…

Simplify MSP licensing and billing with the UserLock MSP console
Learn how the UserLock MSP Console simplifies your MSP licensing and billing. We’re pleased to announce the public release of the MSP console for UserLock. Now, managed service providers (MSPs) can easily administer UserLock licenses from our intuitive, web-based licensing management platform. Why use the UserLock MSP console? The UserLock MSP console is specially designed for … Continued

Windows Domain 2 Factor Authentication (2FA)
Windows domains and Active Directory (AD) makes it easy for administrators to control a large number of business PCs and devices from a central location. Today, a huge percentage of enterprises continue to rely on Windows domain AD to manage assets, users, systems, policies, profiles, and rights. Given that, it’s increasingly important to protect user account … Continued

Six steps to multi device security in the age of BYOD
Why does bring your own device (BYOD) worry IT managers? It all comes down to a wider base of devices gaining access to network resources. But with remote and hybrid work here to stay, employees asking to use their own devices…

Why UserLock? Compare UserLock alternatives
UserLock is an access management and multi-factor authentication (MFA) solution created by IS Decisions. It offers IT teams enhanced protection, control, and visibility over user access in Windows Active Directory and cloud environments. UserLock provides a solution for key zero-trust…

A guide to MFA prompt frequency: How often should you require MFA?
Every year, cybercriminals have more opportunities to exploit vulnerable user accounts and gain unauthorized access to corporate networks. Stolen or compromised credentials pose one of the largest financial threats to organizations, at around $4.5m per data breach. Compromised login credentials…

How to evaluate common multi-factor authentication (MFA) methods
MFA is an organization’s best defense against the increasing cost of data breaches. The question for savvy IT pros is not if to apply MFA, but how? A key part of how you apply MFA is the method you choose…

Securing Active Directory logins in remote work environments
The boom in working from home is a bonanza for cyber attackers. Each time an employee connects to the corporate network from their home they create an access point that can often be exploited. With Windows Active Directory (AD) still being the core identity and access platform for businesses around the world, the single … Continued

Why cyber awareness training is essential for your employees
Cybersecurity, IT governance and data security are the number one business risk in 2023. As cybercriminals become more sophisticated with their attacks, it’s tempting to point fingers at who, or what, seems responsible. The reality is more nuanced. We need to treat these threats as a business-wide risk for which everyone takes responsibility. Nearly every … Continued

How to protect MFA against brute force attacks
Multi-factor authentication (MFA) undeniably boosts security – this much we know for sure. Yet it remains a complex technology that often ends up being a trade-off between security and convenience. Attackers know this, betting that defenders will either fail to…

The future of multi-factor authentication (MFA)
Today’s increasingly frequent and costly cyber threats underscore the importance of securing access to organizational assets. Around 70% of successful data breaches originate from stolen credentials or phishing attacks, demonstrating how weak access security offers cybercriminals an easy route into…

6 ways to beat MFA fatigue attacks
Multi-Factor Authentication (MFA) has long been recommended as the most effective way for organizations to reduce the risks that arise from password compromise. Correctly implemented, attackers find it anything from inconvenient to impossible to bypass. With MFA, it can seem…

UserLock vs Thales (SafeNet Trusted Access)
Securing system access through user authentication tools is essential to prevent data loss and security breaches. These tools confirm the identities of users who access cloud applications and user accounts, allowing access to only authorized individuals. Among the many potential…

Causes of data leaks & how to prevent them
We all want to feel confident that our critical data isn’t falling into the wrong hands. But as data becomes currency, cyber attacks on sensitive information are all the more common. In 2022, more than 400 million U.S. citizens were affected by data breaches. Data leakage can come from cyberattacks, human error, or external threats. … Continued

Understanding user provisioning and deprovisioning
Managing access to enterprise networks is a critical aspect of information security. Under the ongoing and severe threat of data breaches, organizations must employ sufficient identity and access management (IAM) to safeguard their systems. Proper user provisioning and deprovisioning is one way to improve security. Provisioning refers to onboarding new users: creating a user account, … Continued

Protect your business: the importance of corporate cyber security
According to Forbes, cyber security joins inflation and recessions as one of the 10 biggest threats to businesses in 2023. As widespread cyber attacks continue to dominate headlines, organizations are no longer treating corporate cyber security as just an IT…

11 simple ways to improve your organization’s access control & security
As an IT professional responsible for managing an organization’s cybersecurity, you understand the importance of cybersecurity for business. Today’s IT professional faces many security threats — from unauthorized access and user error to data breaches. To mitigate these threats, it’s…

The cyber attack report
Organizations around the world face an expanding cyber threat landscape. With at least 30,000 daily cyber incidents and a growing list of attack methods, protecting access to corporate networks has never been more critical. At IS Decisions, we’ve analyzed the…

UserLock vs. Okta
UserLock and Okta are two popular access security and access management solutions. Both platforms provide strong security features, such as multi-factor authentication (MFA), single sign-on (SSO), and contextual user access policies. But choosing the right solution can be a challenge.…

The best single sign-on solution for Active Directory
Managing multiple user identities and passwords can be a hassle for employees and IT departments. Allowing password sprawl to spread to multiple corporate and cloud services can also pose a significant security risk for an organization. That’s where single sign-on (SSO) comes in. SSO allows users to access multiple applications using just one set of … Continued