Teleport Embraces FIDO to Eliminate IT Infrastructure Passwords
Teleport announced the latest version of its IT infrastructure access platform supports the Fast Identity Online (FIDO) Alliance web authentication standard to eliminate the need for usernames, passwords, private keys and other secrets to ensure security.
Michael Ferranti, chief marketing officer for Teleport, said the passwordless access capability within Teleport 10 gives IT teams a single sign-on capability that can also be integrated with biometric tools such as Touch ID, Windows Hello and YubiKey Bio.
The FIDO Alliance was initially formed in 2013. It is an industry consortium that aims to advance an alternative to passwords based on a universal second factor (FIDO U2F), FIDO Universal Authentication Framework (FIDO UAF) and FIDO2, an associated set of specifications. Google, Apple and Microsoft have all committed to building support for FIDO-based passwordless sign-in capabilities within their endpoints.
Teleport is now applying that capability to IT infrastructure authentication as part of an effort to one day enable IT organizations to eliminate reliance on password credentials that are easily compromised, said Ferranti. Interest in eliminating passwords is rising as organizations begin adopting zero-trust approaches to securing IT environments, he noted.
The challenge organizations face when making that transition is the need for an authentication framework that can reliably grant access in real-time each time an end user makes a request. Historically, most organizations have relied on passwords that are managed via a directory. Cybercriminals today routinely target IT professionals with phishing attacks in the hopes of gaining access to those credentials.
To facilitate the transition to a real-time authentication framework, Teleport 10 also now includes a just-in-time resource access request capability that enables users to request access to one or more individual resources when they need them. The request can be approved automatically based on policy or through tools such as Slack or Jira project management software from Atlassian.
The latest version of Teleport also adds support for Kubernetes infrastructure as well as Snowflake, Elasticsearch, Cassandra, Amazon ElastiCache and Amazon MemoryDB databases.
Teleport creates a data plane that provides a security gateway that acts as a proxy for remotely accessing IT infrastructure. It is available both as open source software being advanced under the auspices of the Cloud Native Computing Foundation and via commercial offerings supported by Teleport, the original developer of the platform. Rather than relying on, for example, Secure Shell (SSH) keys to access IT infrastructure, the latest version of Teleport creates a more streamlined authentication process that improves the overall end-user experience, noted Ferranti.
Given the current level of reliance on passwords, it may take the better part of a decade to transition away from them. However, when it comes to IT infrastructure, the transition might be faster as more organizations rely on Teleport to manage access. Regardless of the approach to authentication, end users may soon refuse to remember passwords if there’s a simpler, more effective alternative available.

