Joint Press Release: SurePassID and Swissbit
Swissbit and SurePassID Announce Phishing-Resistant, Passwordless User Authentication Solution for Government Agencies and Large Enterprises
Expanding Zero Trust and cybersecurity mandates require FIDO2-based authentication across public cloud, private cloud, and air-gapped networks
St. Petersburg, FL, April 26, 2023 - Cybersecurity leaders Swissbit and SurePassID today announced a joint solution that allows government agencies and large enterprises to accelerate their Zero Trust initiatives while complying with phishing-resistant user authentication requirements.
Swissbit's new iShield Key Pro hardware authentication device, combined with SurePassID Authentication Server's unmatched scalability and availability, enables the rapid deployment of phishing-resistant, passwordless multi-factor authentication (MFA) across public cloud, private cloud, and air-gapped networks. Cybersecurity administrators can add FIDO2-based authentication quickly and easily to domain logins and web, mobile, and legacy applications, without incorporating insecure and costly public cloud gateways or orchestration layers. The joint solution also addresses access scenarios where FIDO2 is not available, automatically falling back to a compliant HMAC-based one-time password (HOTP) authentication method without any interruption to the user experience.
"Phishing-resistant, passwordless user authentication is a vital need for public and private sector enterprises that are seeking to meet their Zero Trust requirements and extend their cybersecurity infrastructures," said Claus Gründel, general manager of Swissbit's Embedded IoT Solutions division. "Swissbit and SurePassID deliver the joint solution needed to seamlessly deploy FIDO2-based authentication to all users, from those remotely logging into cloud applications and workplace systems to those on-premises and using applications and devices within high-security facilities."
"Adopting FIDO2 across network topographies must be done with Zero Trust principles in mind, because existing cloud-based authentication solutions and public cloud gateways are not appropriate for user authentication in private clouds and air-gapped networks," said Mark Poidomani, founder and CEO of SurePassID. "Our joint solution with Swissbit provides phishing-resistant, passwordless user authentication natively and wherever it is needed, along with the global scalability and 99.999 % availability that government agencies and large enterprises require."
To secure access to critical data and applications, various United States federal laws require government agencies and contractors to implement Zero Trust and phishing-resistant, passwordless user authentication as outlined in the White House's "Improving the Nation's Cybersecurity" (EO 14028) and the Office of Management and Budget (OMB)'s "Federal Zero Trust Strategy" (M-22-09). FIDO2 provides a convenient and cost-effective alternative to personal identity verification (PIV) or common access (CAC) cards, the only other form of phishing-resistant MFA.
Swissbit and SurePassID's joint solution provides an array of features that streamline iShield Key Pro deployments for large numbers of users across heterogenous networks, such as automated provisioning and deprovisioning and centralized credential management. Other features that address the requirements of government agencies and large enterprises include core security features such as a secure software bill of materials (SBOM) and default protection of secrets in Microsoft Key Vault, comprehensive logging and audit trail for all aspects of user authentication, and available premium 24/7/365 support.
"Swissbit and SurePassID believe that phishing-resistant, passwordless MFA should be ubiquitous," said Gründel. "Our joint solution provides the capabilities, robustness, and price points that will enable widespread adoption of FIDO2-based authentication throughout the private and public sectors."
SurePassID is the leading provider of user authentication solutions for IT/OT systems and critical infrastructure. The company's platform is highly extensible, highly scalable, and highly available, and can be deployed wherever secure user access is needed - on-premise, in the cloud, within air-gapped networks, or across embedded systems and the Internet of Things. SurePassID's customers include federal law enforcement agencies, Top 5 defense contractors, and Fortune 10 healthcare companies. SurePassID sells its solutions direct and via a global network of resellers and integrators. Visit surepassid.com to find out more.