We will be the first to admit it: we are obsessed with security. In an era where cybercriminals are more sophisticated and persistent than ever, that obsession is a necessity. Modern security requires a fundamental shift in mindset: you cannot implicitly trust anyone. Not outside hackers, and—uncomfortable as it may be—not even the people inside your organization. This trust-no-one approach is the foundation of Zero-Trust Security.
While still critical to get right, passwords aren’t nearly as secure as you would expect them to be. They can be guessed (especially if proper password practices haven’t been followed), stolen in data breaches, or phished from a well-meaning—albeit shortsighted—employee. Passwords are basically the lock built into the front door of a building. They’re enough to keep out honest people, but what about the people who are willing to go to the deep web and 3D print the master key to the type of lock you use?