Teleport Study Suggests Weaknesses in SSO Research uncovers problems that arise with single line of defense with IdPs

New York: A report issued today from cybersecurity vendor Teleport offers guidance to enterprise teams concerned about compromises to identity provider (IdP) systems – and how these can have a cascading effect on single sign on (SSO). The report details how to mitigate the effect with a method known as infrastructure defense in depth.

“I think the idea of defense in depth for modern infrastructure access should be a mandatory requirement,” explained Dr. Edward Amoroso , lead analyst for TAG Infosphere. “The series of troubling issues we’ve seen with identity providers drives our view here at TAG that additional protection features are needed to layer on top of service provider capabilities for infrastructure access, including SSO.”

The Teleport report details recent analysis done with Doyensec, a research company that specializes in security vulnerability-related work. The report found that methods such as phishing resistant MFA offered good protection against attacks cascading from successful IdP breaches. The report also found that mandatory MFA enrollment helped to avoid weak access patterns.

“We’ve reviewed the Teleport secure infrastructure access solution,” explained Dr. Amoroso, “and their support for the various defense in depth features called out in the Doyensec report looks like a good match for enterprise teams. We now regularly recommend Teleport for engineers and developers who need to access services, systems, and infrastructure in modern environments.”

The Teleport report includes access to a white paper that covers the findings in much greater detail, including a taxonomy of compromise levels using an IdP Threat Vector Tree that should serve as a useful guide for security practitioners worried about the impact of IdP compromise to their infrastructure access.

Readers interested in learning more about TAG Infosphere, should contact Laurie Mushinsky at [email protected].

?

About TAG

TAG is a trusted next generation research and advisory company that utilizes an AI-powered SaaS platform to provide on demand insights, guidance, and recommendations to enterprise teams, government agencies, and commercial vendors in cybersecurity, artificial intelligence, and climate science.

Copyright ? 2024 TAG Infosphere, Inc. This report may not be reproduced, distributed, or shared without TAG Infosphere’s written permission. The material in this report is comprised of the opinions of the TAG Infosphere analysts and is not to be interpreted as consisting of factual assertions. All warranties regarding the correctness, usefulness, accuracy, or completeness of this report are disclaimed herein.