$4m is the average cost of a data breach***. Protect employee and customer digital identities with the most open Two-Factor Authentication (2FA) solution available.

Strategy Paper Trial Version

63% of breaches involved leveraging a weak, default or stolen password*

Data breaches are rapidly increasing in scale and frequency.

  • 29% increase in total cost of data breach since 2013**
  • $158 is the average cost per lost or stolen record**
  • 26% probability of a material data breach involving 10,000 lost or stolen records in the next 24 months***

Single passwords aren't helping.

They are complex to remember, often shared and easy for hackers to crack. The average user has to manage 26 passwords and shares the same password amongst 5 systems. Once one profile is accessed, criminals inevitably try credentials on other popular applications such as social media and email provider sites. The only way to safeguard customers and employees is by introducing additional forms of authentication.

Read more here.

* Verizon Data Breach Investigations Report (DBIR), April 2016
** Identity Theft Resource Center Breach Report, Dec 2015
*** Ponemon Institute Report, 2016


Foxmole: the specialist security consulting unit

Our dedicated Foxmole team offers an extensive range of services such as:

  • Strategy: reviewing investment areas and the people, processes and technology focus
  • Diagnostics: penetration testing, source code audits and more
  • Application Security: DevOpsSec, code reviews and SDLC analysis
  • Infrastructure: IoT, networks and other physical components
  • Governance: data protection and compliance
  • Security Reviews: assessing the delta between the "as is" and "desired" states

For more details on Foxmole Security Consulting, visit the dedicated site.

A fresh approach to 2FA: open, scalable, non-disruptive and flexibly priced

A revised risk management approach is driving legacy replacement:

  • The right solution to match different requirements: not a "one size fits all" mandate
  • Security vs Ease-of-Use: adoption rates slow when maximum security in every use case determines solution choice
  • Token vs Push Token: remote, offline or device-based authentication should be available
  • Openness for new Token technologies: vendor choices should be capable of integration with advances as they occur
  • Flexible licensing: SAAS, on premise and more to meet current demands and adapt to future requirements
  • Ultra scalable for B2C: many established 2FA offerings cannot manage the vast volumes of consumer profiles that telco, retail, banking and other industries must support

By using open standards like FIDO U2F and OATH, and abstracting the implementation of a specific token from the core management and handling of tokens, LinOTP can easily support a broad range of hardware and software tokens.

Read more here.

Modular, adaptable and futureproof for the needs you don‘t yet know

Time-to-market is critical for all companies, and given the velocity with which business moves today, an investment in a security solution should deliver initial results in weeks, not months or years. Automated installation and a modular approach that integrates existing authentication services to add MFA capabilities will help speed adoption of a new solution.

User adoption can be eased when additional authentication appears a natural progression from existing security systems. LinOTP addresses these types of demands by offering, for example,  a Token-Abstraction Layer and a Token-Database, which can even be secured by an HSM (Hardware-Security-Module) to support an extremely broad range of token-Types.

Equally, LinOTP caters for on premise as well as cloud implementations, which helps address the needs of clients who are concerned with data hosting and access regulations.

Disruption of existing systems is often a cause of friction and ideally, the existing IT landscape should not need to be disrupted or deinstalled. LinOTP's API-centric approach helps accelerate integration with existing tools, and reduces the need to revisit the existing technology infrastructure.

Read more here.

Is your password putting you at risk?

One major cause of data breaches is the stolen password. Once hackers have an email address and password, a world of possibilities are open to them. The dangers are not just limited to the account they have access to. Their hacker’s next steps usually include not only selling the details to other criminals but also … Continue reading Is your password putting you at risk?

Read more

FIDO U2F: what it is and how you can secure your web applications using LinOTP

This is the first part of a series of blog entries about FIDO U2F and how you can use FIDO U2F and LinOTP to secure your web applications. Kicking off, we would like to introduce you to FIDO U2F and explain the idea behind it. Following blogs will be about the protocols and how you … Continue reading FIDO U2F: what it is and how you can secure your web applications using LinOTP

Read more

Why biometric authentication isn’t a silver bullet

There has been a lot of noise in the press recently about the rising tide of biometric authentication. The concept has been around for longer than many might think. For example, facial recognition was tested at the Superbowl in 2001, though the results were not widely circulated. A few pioneering companies (particularly banks) are rolling … Continue reading Why biometric authentication isn’t a silver bullet

Read more

"2FA: Safeguard the digital enterprise's brand and reputation"