Highlights –

  • Enterprise users will be able to access critical resources like servers, databases, Kubernetes clusters, and internal web apps without using usernames, passwords, private keys, or other vulnerable secrets.
  • Instead of worrying about password or log-in credential theft, users would be able to employ biometric solutions like TouchID, Windows Hello, and Yubikey BIO.

The future of enterprise security is still dictated by passwordless and biometric technology. Industry leaders like Apple, Microsoft, and Google have been experimenting with passwordless authentication systems in conjunction with the FIDO alliance to phase out the need for passwords to give consumers a stronger defense against credential-based assaults, social engineering ploys, and phishing scams.

In line with this trend, Teleport, an open-source identity-based Infrastructure Access Management (IAM) provider, has introduced Teleport 10, the most recent version of Teleport Access Plane.

Thanks to the new solution, enterprise users will be able to access critical resources like servers, databases, Kubernetes clusters and internal web apps without using usernames, passwords, private keys, or other vulnerable secrets.

Instead of worrying about passwords or log-in credential theft, users would be able to employ biometric solutions like TouchID, Windows Hello, and Yubikey BIO.

Extending the capabilities of password-based security

The launch has come at an appropriate time when the company closed a USD 110 million Series C funding round. The firm’s total valuation stands at USD 1.1 billion. The new release is an example of how technology providers are attempting to phase away password-based authentication to stop credential-based assaults that have caused so much misery in recent years.

Every year, roughly 15 billion passwords get exposed on the dark web. For some time now, password-based security has been unable to shield users from nefarious threat actors.

“Once bad actors gain access to an organization’s infrastructure through static credentials, they can then pivot within the system and access as much sensitive information as possible,” Ev Kontsevoy, Teleport CEO and co-founder said.

According to Kontsevoy, Teleport 10 attempts to stop this common exploitation by using biometric identity-based access control to authenticate users.

Using the non-electronic physical characteristics of employees to log in is more secure as this information cannot be stolen, lost, or shared in the same way.

Teleport 10 represents a trend toward biometric infrastructure access management as “the first” Unified Access Plane based on the FIDO alliance’s WebAuthn standard.

Managing passwordless authentication and privilege access

It is hardly surprising that the global market for passwordless authentication is expanding quickly, given the dire predictions for password-based security. Researchers estimate that the market will be worth USD 12.79 billion in 2021 and USD 53.64 billion in 2030.

Teleport’s new solution faces competition from Privileged Access Management (PAM) programs like CyberArk as an identity and access management provider, in addition to DIY access programs and VPNs.

Enterprises can maintain privileged identities in a secure repository and authenticate users using a single web portal with the help of CyberArk’s Privileged Access Manager.

CyberArk announced the formation of a new venture capital fund, CyberArk Ventures, with USD 30 million earlier this year to encourage investment in a broader range of cybersecurity firms. CyberArk also said it generated USD 502.9 million in revenue last year.

Delinea, a competitor and leader in the PAM market’s 2022 Gartner Magic Quadrant, has a product called Secret Server that is intended to find privileged accounts.

With Secret Server, users can store valuable credentials in an encrypted vault while provisioning and de-provisioning to help rotate credentials safely and efficiently. Delinea recently announced raising USD 200 million in annual recurring revenue last year.

However, Kontsevoy explains that the lack of reliance on passwords and use of biometrics by Teleport distinguishes the provider from other competitors.

Experts’ Take

Ev Kontsevoy, Teleport CEO and co-founder, said, “Because passwords, usernames, private keys, and even browser cookies can be copied, lost, or stolen, collectively they are the number one cause of data breaches. According to the Verizon Business 2022 Data Breach Investigations Report, the most common causes of data breaches can be traced to either human error or malcontent.”

“Teleport is the only identity-based infrastructure access solution on the market. Most access solutions rely on secrets like keys and passwords to grant access. But secrets are not identity and can be stolen,” he said.