In a recent webinar HERE where we held a security round-table with contributors Dana Epp and Michael Fraser, we discussed double authentication. We were able to put book ends on this conversation from 15+ years ago, when Epp pioneered some of this technology with his Vancouver, B.C.-based security ISV called Scorpion Software. Epp’s claim to fame initially was to provide a double authentication solution for Remote Web Workplace (RWW) inside Windows Small Business Server (SBS). Epp discovered that RWW had extreme vulnerabilities starting with Port 4125.
Fast forward the movie and Epp sold Scorpion Software to Kaseya (where his double-encryption solution became the AuthAnvil). After serving Kaseya post-acquisition for almost four years, Epp is back in the wild with Wildrook – an ISV focused on Azure security and the focus of a future blog.
Back to double authentication and today’s security environment. I’d offer double authentication started out as an exception in Epp’s early days. Today it is a security best practice for a lot of my online activity concerning finances, health care and the like. I welcome the “pain in the rear” factor (it takes longer to logon and authenticate) because I value security.
For some, it’s about balance. Are you willing to put up with double authentication for greater security? Security is always about balance. Lemme know your sentiments.