By John Gruber
1Password — Secure every sign-in for every app on every device.
My thanks to Kolide for sponsoring DF last week. Kolide’s Shadow IT report found that 47% of companies let unmanaged devices access their resources, and authenticate via credentials alone.
Even with phishing-resistant MFA, it’s frighteningly easy for bad actors to impersonate end users — in the case of the MGM hack, all it took was a call to the help desk. What could have prevented that attack (and so many others) was an un-spoofable form of authentication for the device itself.
That’s what you get with Kolide’s device trust solution: a chance to verify that a device is both known and secure before it authenticates. Kolide’s agent looks at hundreds of device properties; their competitors look at only a handful. What’s more, Kolide’s user-first, privacy-respecting approach means you can put it on machines outside MDM: contractor devices, mobile phones, and even Linux machines.
Without a device trust solution, all the security in the world is just security theater. But Kolide can help close the gaps.
★ Saturday, 8 June 2024