Archive for January 24, 2022

Guest Post: It’s Data Privacy Week from January 24th-28th: Learn How Private Your Data Really Is

Posted in Commentary with tags , on January 24, 2022 by itnerd

As the line between our offline and online lives continues to blur, Data Privacy Week  from  January 24th-28th  is the little push we need at the start of the year to make safeguarding our personal information a priority. Although we live in an increasingly digital world, most of us give little thought to data privacy until after our personal data has been compromised.

Our increased reliance on digital technologies to manage every facet of life provides the need to rethink what we share about our lives and how to protect our most vulnerable information. From phishing attacks to wide-spread data breaches, key threats exist that put our important information at risk. Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, can help  ensure that your devices and data remain private while enjoying the best  technology has to offer. 

To help ensure your important data stays secure and private, Lookout recommends:

  1. Guarding your personal data & sharing information only when needed: Think twice before you share your personal data. Consider why a company is requesting your email address and what they might do with it before you enter it online. If a store asks for your birth date, driver’s license or phone number, you can decline to share that information.
  2. Staying vigilant about online scams & phishing attacks‍: Online phishing attacks and scams are becoming increasingly hard to discern with the naked eye; remember that not everything you see online is real. If a text message or email is written with extreme urgency, or asks you to send money or take action regarding your account, stop and go directly to the source to validate whether it is legitimate.  
  3. Downloading a dedicated mobile security softwarelike Lookout Security, Privacy & Identity Protection – to secure against digital threats, including phishing attacks, malware and identity theft.

All consumers can also scan their email for FREE on Lookout’s website to learn about breaches that may have leaked their personal data and take immediate action to secure their information. 

Black Kite 2022 Third-Party Breach Report Released

Posted in Commentary with tags on January 24, 2022 by itnerd

Black Kite has released their 2022 Third-Party Breach Report, with some key findings including:

  • Ransomware became the most common attack method of third-party attacks, initiating 27% of breaches analyzed in 2021.
  • Software publishers were the most common source of third-party breaches for a third consecutive year, accounting for 23% of related incidents.
  • The average time between an attack and the disclosure date was 75 days.
  • The healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents in 2021.
  • Unauthorized network access followed ransomware, contributing to 15% of breaches
  • Unsecured servers and databases came third, accounting for 12% of breaches.

Aimei Wei, Founder and CTO, Stellar Cyber has this commentary:

“Our findings align with what the report discovered. Organizations have never adopted third party software at today’s speed due to the huge productivity improvement or the enablement brought in by this software. With the benefits comes the security threat from the increased attack surface. It is very challenging to ensure each one of them is vulnerability free, especially with the dynamic software upgrade, it is not future proof even if a software is vulnerability free today. The more practical way to fight this battle is to have a security monitoring system that can protect your entire attack surface dynamically by detecting any suspicious behaviors.”

This report can be a great roadmap for companies of all sorts to better secure themselves. Thus I encourage those in charge of cyber security to read the report and take the necessary action to secure themselves.

UPDATE: Kevin Novak, Managing Director, Breakwater Solutions had this to say:

“By attacking third parties, attackers gain the benefit of hitting an aggregated target; particularly when they can compromise the product being provided by that third party…a software package that then gets distributed to end-users for instance. It’s no wonder why the supply-chain vector has increased so broadly as a preferred target of cyber-attacks. Suppliers are data rich and have significant impetus to pay ransoms lest they lose customers who are paying for their services to remain online and for their data to remain secure.”

“While it is certainly the case that some ransomware attacks are all about ransom and quick returns, a sizeable percentage of ransomware attacks have a more protracted lifecycle that includes deployment of a ransomware across the enterprise, but also includes other objectives too.  In these cases, attackers will attempt to find opportunities to commit fraud or exfiltrate data, leaving ransomware as a final parting gift.”

“Whereas ransomware, phishing, unauthorized network access, malware (ransomware being a type), zero-day vulnerabilities, etc., are all methods, these attacks are not all perfectly detached from one another.  A phishing attack may lead to unauthorized network access, which might lead to discovery and exploitation of a zero-day vulnerability, that leads to account compromise, that finally give an attacker the ability to deploy ransomware throughout the organization.  Sometimes there are fewer steps in the process (phishing that self-propagates ransomware enterprise-wide), but this often isn’t the case.”

Top Malware Payload Families, Q4 2021 Have Qbot & ZLoader At The Top By A Lot

Posted in Commentary with tags on January 24, 2022 by itnerd

Qbot and ZLoader payloads targeting enterprises contributed to almost 89% of email-based malware volume in Q4 2021 according to PhishLabs by Helpsystems. The company monitors payload families reported in corporate inboxes to proactively prevent and remediate these threats.

Key findings are:

  • The Qbot banking trojan was the top payload family detected in phishing attacks in Q4, contributing to 59.3% of reports.  Qbot led all other payloads in the first half of 2021, before experiencing a dip in volume in Q3.
    • Active since 2008, Qbot is capable of logging keystrokes, stealing financial information, and compromising credentials.
  • ZLoader had the second highest payload volume among known families in Q4, contributing to almost 30% of reports. A variant of the Zeus banking trojan, ZLoader is a popular MaaS that maintained a dominant presence throughout 2021.
    • ZLoader is a multipurpose dropper often associated with the Conti and Ryuk ransomware families. Recent Zloader email campaigns delivered the malware through malicious Google ad campaigns and by exploiting Microsoft’s signature verification.

According to PhishLabs:

“Ransomware is a billion dollar business with a low barrier to entry. The tools used for a campaign and the actors behind them are in a constant state of metamorphosis as pressure to evade detection goes hand-in-hand with a successful attack. This fluidity makes it challenging for enterprises to proactively detect malicious payloads before they culminate in a ransomware attack.”

Visit: for the complete findings.

Cisco Talos Takes A Looks At ‘WhisperGate’ Wiper Malware Used In Ukraine

Posted in Commentary with tags on January 24, 2022 by itnerd

Researchers with Cisco Talos have broken down the WhisperGate wiper malware used in Ukraine to deface websites, noting similarities between the ‘WhisperGate’ dubbed malware and the previously seen NotPetya wiper. Cisco Talos reports that while there are similarities, WhisperGate has more capabilities ‘designed to inflict additional damage’ using multiple wipers to successfully attack different modern systems.

Saryu Nayyar, CEO and Founder, Gurucul had this comment:

“Stolen credentials being abused continues to be a major factor in many malware campaigns. However, identity infrastructure is insufficient to prevent seemingly legitimate users from doing damage. User access analytics with advanced machine learning models that understand how users are engaging in abnormal behaviors which we can then clearly attribute to a malware attack with high confidence. Only a next generation SIEM with these specific capabilities can help security teams with a critical vector of many major attack campaigns in order to accelerate an appropriate response.”

Cisco Talos recommends this mitigation strategy:

Cisco Talos supports the recommendations made by CISA that organizations with interests in the area carefully monitor and isolate systems with connections to Ukraine due to the ongoing challenges they face. This mirrors the recommendations we made in 2017 shortly after NotPetya and our analysis of the malware’s effects.

If that’s you, I would take their advice and run with it.

UPDATE: Chris Olson, CEO, The Media Trust had this to say:

“New reports on the ‘WhisperGate’ malware prove that global cyber actors are becoming more sophisticated, more dangerous and better at evading detection. As web-based attacks become increasingly intertwined with political motives, we expect a rise in similar incidents targeting government agencies, big corporations and critical infrastructure.”

“It’s crucial for decision makers to realize that Web is a powerful threat vector: more powerful than email, and other traditional channels for cyberattacks. Going forward, continuous monitoring of digital assets is the only way to stay safe, collect evidence, and keep up with a constantly shifting cyber landscape.”

UPDATE #2: Bryson Bort, Founder & CEO, SCYTHE had this to say:

“WhisperGate reflects the gray area of destruction and disruption that nation state actors use as a lever in realpolitik: in this case, Russia is using these tactics because there is no reprisal they fear from Ukraine and her allies while making a clear threat of more. Expect more. And, the rest of us can only hope the collateral damage is contained.”

HP Enhances The Ultimate Office Experience With Intelligent Collaboration & Creation Technology

Posted in Commentary with tags on January 24, 2022 by itnerd

HP Inc. today introduced new commercial All-in-One (AiO) and desktop PCs for dedicated work spaces in today’s hybrid world, expanding its portfolio of PCs designed to empower workforces and IT departments to securely collaborate and create from in the office or at home.

With nearly 60% of people splitting their time between work and home, hybrid work doesn’t always mean mobility and notebook PCs. Desk-side users need dedicated places to work and want robust and reliable desktop PCs designed for always-on, always-ready productivity.

Collaborate with All-in-One PCs Enhanced by HP Presence

When people are working from a dedicated space in the office or home, HP All-in-One PCs are the optimal collaboration solutions. Enhanced by HP Presence, the latest HP AiO PCs deliver exceptional video conferencing experiences that give everyone an equal seat at the table. Users can look and sound their best with a 5MP camera with HP Auto Frame to keep them in the camera’s field of vision, Dynamic Voice Leveling for optimized voice clarity, and AI-noise reduction 2.0 for enhanced audio. The optional 16MP binning (4MP) camera automatically adjusts to capture more video detail when working in extreme lighting conditions – very dark or very bright. Using the MyHP app, users can easily customize their PC experience in a single dashboard – from adjusting audio and video settings to enabling the latest updates for HP hardware and software innovations. Users can also stay focused and minimize distractions with HP Run Quiet Design.

When it comes to IT, the new HP AiO PCs helps simplify the way they deploy, secure, and manage their HP PC fleets. The self-contained design makes them easy to set up so users can get to work quickly. With the security of company assets and data always a top concern for IT teams, HP Wolf Security for Business helps protect the AiO PCs from modern threats to keep company and user data safe. Additionally, Monitor Mode extends the PC lifecycle by automatically converting the AiO PCs into a stand-alone display, giving IT incremental devices to deploy while users gain a secondary monitor without adjusting input settings.

The HP Presence AiO Conferencing PC with Zoom Rooms is a superb solution for people who want to collaborate and get work done from a focus space. Available with a 23.8” or 27” display and powered by the latest Intel® processor, the elegant HP Presence AiO Conferencing PC promotes productive business and personal meetings where content sharing is a snap and working together is seamless. With Zoom Rooms software preinstalled, users have everything they need to conduct high quality meetings and when collaboration needs more than verbal expression, they can get their point across with on-screen annotation and whiteboarding to better brainstorm and visually connect with their team.

The HP EliteOne 800 G9 AiO Desktop PC Enhanced by HP Presence, powered by the latest Intel® processors and Windows 11,is the perfect command center for your hybrid workspace. Available with a 23.8” or 27” display, the HP EliteOne 800 G9 AiO features beautiful silver aesthetics complemented by clean-desk cable management and a small footprint making it superb for the home or office. Users can tackle demanding projects and virtual conferences throughout their workday with Wi-Fi 6E and Bluetooth 5.2 for improved connectivity. The adjustable height on the stand with optional wireless charging, and integrated VESA mounting provide hybrid work flexibility.

Take on the Workday with Powerful Desktops

The HP Elite 800 G9 Desktop PC Series, powered by the latest Intel® processor, is designed for the performance and multi-tasking required by today’s increasing workload for modern workers. These desktop PCs provide adaptable performance, AI-enabled collaboration, and strong security and manageability experiences.

  • The HP Elite Desktop Mini 800 G9 Desktop PC can tackle intense workflows and handle big files and multi-tasking with ease – all in a PC the size of a book. Users can connect up to eight displays to increase their digital canvas and productivity. The PC turns into a collaboration powerhouse when paired with an HP E-Series Conferencing Monitor – built fully integrated with a webcam, mic, and speakers so users can conduct meetings like a pro and present their best self on every call.
  • The HP Elite Small Form Factor 800 G9 Desktop PC delivers uncompromising performance, expandability, and reliability in a space-saving design.
  • The HP Elite Tower 800 G8 Desktop PC delivers the high-performance needed for power users whose workloads include handling complex programs, rendering, and demanding graphics content.

HP also announced the HP Elite 600 G9 Series Desktop PCs and HP Pro 400 G9 Series Desktop PCs with the latest Intel® processors and fast DDR5 memory for the speed and responsiveness needed by multi-taskers working in the office or a dedicated workspace at home.

Step into Professional Performance with Z

At CES 2022, HP announced the HP Z2 Mini G9, the world’s most powerful mini workstation,[vi] engineered to get incredibly high performance in an insanely petite PC design. The Z by HP entry desktop portfolio is built for designers working in multiple applications at once, 3D modeling, and complex visualization, including ray tracing and virtual reality. Today’s designers, engineers, and students strive to stay in the creative zone, yet physical environments range from spacious to tight desk spaces, from the office or classroom lab to home. The new entry Z desktop line-up combines uncompromised performance and market-leading expandability.

  • The Z2 SFF G9, the world’s most powerful SFF workstation, is a hybrid work powerhouse with the ability to tackle high-performance design, simulations, and real-time ray tracing for the first time on a SFF workstation. With support for full height, full length NVIDIA RTX™ professional graphics and next-gen Intel® Core™ K-Series processors, the Z2 SFF G9 brings tower power at a fraction of the size. 
  • The HP Z2 Tower G9, HP’s most powerful entry workstation, is engineered to seamlessly run applications for quick rendering, fast simulations, and real-time raytracing. Powered by next-gen Intel® Core™ processors, including K-Series, and NVIDIA RTX™ professional graphics, tackle high-performance workflows without any throttling in a product built for today, and future-proofed with impressive expandability features for when performance demands change.
  • The HP Z1 Tower G9, HP’s most affordable entry desktop workstation, brings designers and editors ISV certified hardware and industry leading security for professional workflows.

Dark Souls Servers Taken Down To Prevent Hacks Using Critical Remote Execution Bug

Posted in Commentary with tags , on January 24, 2022 by itnerd

Dark Souls, the popular video game, has reportedly taken down their servers to prevent hacks via some critical bugs that could allow bad actors to take control of your PC. According to reports on Reddit, the vulnerability is a remote code execution, which could allow attackers to take control of users’ systems, gain access to sensitive info, plant malware or use resources for crypto mining. Dark Souls confirmed the temporary deactivation of Twitter.

There is currently no indication when things will come back online.

I have a pair of comments to share. First is from Saryu Nayyar, CEO and Founder, Gurucul:

“The risk of remote worker networks is very apparent from this attack. As we connect our gaming systems to the same network as resources that attach to the corporate network, the infection can easily spread from home to a much bigger operation. It is critical for security teams to understand how users are accessing network resources but incorporate that information into risks and severity associated with attack campaigns. This is where identity and specifically access analytics incorporated into next generation SIEM can narrow down indicators of compromise and determine malicious behaviors hiding as authorized user activity.”

The second is from Jorge Orchilles, CTO, SCYTHE:

Remote code execution (RCE) vulnerabilities aren’t new or rare but they are dangerous when no one knows they exist. We see threat actors use RCEs all the time, especially when the vulnerabilities do not have a patch available. Cybercriminals can use these vulnerabilities to execute malicious code in the application to gain access to the underlying system for fun and profit. Companies impacted by these types of vulnerabilities need to take immediate action to protect their customers by releasing patches. Meanwhile, gamers affected should monitor their systems for abnormal activity such as crypto-miners.

Taking this game offline, at least partially is the right move. Hopefully that Bandai Namco who make the game are able to fix this issue, bring the service back online, and assure users that the only pwnage that will take place is related to the game.

Review: Creative Outlier Air V3 True Wireless Earbuds

Posted in Products with tags on January 24, 2022 by itnerd

Creative is a name that has been around for a very long time. In fact as a kid in the 1980’s and early 90’s I would insist on having a Sound Blaster audio card in every PC that I built on the kitchen table.

There. I’ve dated myself.

Creative past the 90’s then fell off my radar screen. Largely due to the fact that sound cards started to be built into every PC motherboard. But thanks to the Creative Outlier Air V3 True Wireless Earbuds, Creative is back on my radar screen as these are very good true wireless earbuds at a pretty compelling price. Let’s start with what comes in the box.

Here you get the earbuds which can be used independently as they connect as two separate devices to your phone, and the charging case. You get up to 40 hours of total playtime factoring in the case with up to 10 hours of battery life per charge of the earbuds which is none too shabby.

You also get small and large ear tips (mediums are installed), a USB-C to USB-A cable, and the usual documentation. But if you have a Qi wireless charger, you won’t need the USB cable as it is Qi compatible. Simply drop it on your charger and watch it charge.

One thing that I really have to highlight is that the case makes it really easy to discern what the charge status is.

The above video shows three red lights that are flashing. This means that the case as well as the individual earbuds are not fully charged. I have this placed on this wireless charger which is charging them.

In this video you’ll note that there’s one green light in the middle. That means that the case is charged, but the earbuds are still charging.

Alternately in this example, the earbuds are charged as shown by the green lights on the left and right side. But the case isn’t charged as shown by the red light in the middle.

If everything is charged, you get three green lights. You can also see the USB-C connector that you can use to charge via a cable. All of this makes it crystal clear what the state of the earbuds are. I applaud Creative for making it simple.

Here’s the earbuds in the case which slides to the left to give you access to the earbuds. I have to say that while you can still put these in your pocket, they are not going to fit comfortably in the pockets of your skinny jeans.

With all of that out way, here’s the key specs:

  • 6mm drivers
  • AAC and SBC audio codec support
  • Bluetooth 5.2
  • IPX5 Water resistance
  • Support for virtual assistants such as Siri or Google Assistant
  • Two microphones per earbud for a total of four
  • Ambient Mode and Active Noise Reduction
  • Support for Super X-Fi
  • Touch controls on each earbud

I want to draw your attention to the fact that it has IPX5 water resistance. That’s kind of unusual in a good way as most truly wireless earbuds have IPX4 water resistance. That makes these perfect for those who work out and sweat heavily. But on the flip side they aren’t waterproof. So if you submerge them, they will likely die.

Pairing them is just like any other pair of truly wireless earbuds. But to make sure that you have the best experience, I would recommend downloading the Creative App which is available for Android or iOS. This will help you to update the firmware and set up the touch controls to your liking. And as a plus you have total control over most things that matter like volume, switching between Ambient Mode and Active Noise Reduction, going to the next track or back a track, or summoning your smart assistant. Not to mention tweak the Ambient Mode and Active Noise Reduction to your liking. Now there’s a second app called the SXFI app which according to Creative helps you to “Create your Super X-Fi profile and enjoy a preview of Super X-Fi Headphone Holography’s cinematic audio wirelessly on your mobile device’s local content. The Super X-Fi Headphone Holography works for local music files downloaded onto your device; it does not support streaming content (e.g., Spotify, YouTube, and Netflix).” In other words, it’s Creative’s answer to Apple Spatial Audio. It’s also available for Android and iOS and I’ll talk about that more in a bit.

My first test was to do a voice recording and see how it sounded like if I was on a phone call, a Zoom call or a Teams call. I’ve got the recording below and I’ll let you listen to it before I share my thoughts.

Like I said in the audio test, it sounds a bit hollow. But the audio is otherwise fine. Thus if you need them for Teams or Zoom calls, people will be able to hear you just fine. Ditto for old fashioned phone calls.

Music however is where the Outlier Air V3 start to shine. I tested these against the AirPods Pro in a variety of scenarios. Some of which included background noise so that I could see how they would handle blocking out the noise, or letting it in. My test song was “Let’s Do This” Danell Arma and here’s my thoughts:

  • Compared to the AirPods Pro, the Outlier Air V3’s had a bit more bass but bright treble and mids. The result is that music doesn’t sound as “flat” as the AirPods Pro. This is a sound that I personally like. The Outlier Air V3’s also do a great job of picking up small details as well.
  • The active noise reduction is good, but not as good as the AirPods Pro as that will eliminate things like HVAC units while the Outlier Air V3’s simply reduces the noise. Having said that, these will work well in an office environment as they eliminate all but the loudest of spoken words.
  • The ambient mode is pretty good as it does let in the outside noise pretty decently. But it doesn’t measure up to the AirPods Pro which are freakishly good. But I doubt that you will have any reason to complain in terms of what the Outlier Air V3’s deliver.

Now let’s get to Super X-Fi. As mentioned above this is Creative’s answer to Apple’s Spatial Audio. I tried this out with the same song that I used with my earlier testing and found that X-Fi does make what are pretty good even better. The catch is that you have to use their SXFI app and create an audio profile using your phone’s camera to listen to music this way. Creating the audio profile was a bit of a challenge as I had to use a bathroom mirror to help me position the rear camera relative to my ears and my face. But once you do that, you never have to do it again.

My final test was to test how well they performed in a workout seeing as Creative advertises them as being ideal for workouts as they are marketed as being “sweat proof”. To that end, I did two bike rides on Zwift. The first was an all out 7 kilometre ride which made me sweat a lot. The second was a moderate 1 hour ride that had two all out efforts lasting 40 seconds each and one all out effort lasting 7 minutes. The all out efforts made me sweat a lot. The result was that once I had the proper ear tips installed, they had no issues staying in my ears and felt comfortable the entire time. And I had no issues with sweat as the earbuds still worked fine after both rides.

Gripes? I have three that are sort of minor:

  • The first is that these earbuds don’t support multiple connections. While they can pair with up to nine devices, you can only use one device at a time. So connecting with a phone and a laptop at the same time for example is a no go. That functionality would be handy for those of us who spend a lot of time on Teams and Zoom calls on the computer, but at the same time you still need to answer a call on a smartphone. It’s not a deal breaker for me, but it would be nice to have that functionality as I am used to it with the AirPods Pro. And there are other earbuds that do this as well. Perhaps Creative can bring that functionality to these earbuds via a software update in the future.
  • The sensitivity of the touch controls is kind of finicky. For example, I tried to go from Ambient Mode to Active Noise Reduction and I got Siri instead. While I am sure that you will eventually get used to the touch controls, it would have been nice to have tactile physical buttons to make life easier.
  • Finally, there’s no in-ear sensor that stops the music when you take one of the buds out of your ears. It’s not a deal breaker for me as I’ve turned that functionality off on my AirPods Pro. But it may be a deal breaker for someone.

Now to the cool part of this review. The price for these is $69.99 USD. But Amazon Canada has them for $79.99 CAD and Amazon US has them for $54.99 USD. So you can find a deal if you look around. The bottom line is that the Creative Outlier Air V3’s are a great value given the sound quality and the feature set. Thus they absolutely deserve your time and attention if you are in the market for truly wireless earbuds.

TruU & CrowdStrike Deliver Identity-First Security For True Zero Trust

Posted in Commentary with tags , on January 24, 2022 by itnerd

You can’t execute a Zero Trust model without first trusting user identities, and that means authenticating them continuously–from the time they try to login to the moment they log out.

Combining continuous identity authentication with risk assessment at the endpoint allows for intelligent real-time threat response and strikes the perfect balance between a robust security posture and a seamless user experience. 

Too often, security controls are too stringent, which results in loss of productivity, or too permissive, which increases enterprise risk. Now, TruU and CrowdStrike have teamed up to add Zero Trust assessment (ZTA) scores to the TruIdentity Cloud authentication risk engine, providing the most comprehensive and efficacious Zero Trust solution with continuous identity at its core.

Simultaneous device risk data and identity authentication allow customers to implement policies that respond to potential threats as they happen by stepping up identity verification on compromised endpoints and limiting access to high-value assets associated with those endpoints.  

Use Case #1: Stepping up identity authentication on potentially compromised devices

  • How they do it: TruU + CrowdStrike takes the endpoint ZTA rating and feeds it into the TruU risk engine for an overall risk score. The TruU risk score is compared against the user’s policy threshold, and if the score is within bounds, the user is logged in. If the score is higher than the threshold, then another factor is required for access.
  • Why they do it: To ensure the combination of user identity and endpoint trust meets enterprise security requirements.

Use Case #2: Stopping authentication into high-value assets from compromised devices

  • How they do it: Once authenticated into a potentially compromised device, TruU stops the user from further authenticating into servers or remote machines until the local device ZTA score is mitigated.
  • Why they do it: To allow users to authenticate at the endpoint while limiting the spread of data breaches and lateral movement threats.

Use Case #3: Rewarding users with better experiences while keeping endpoints secure

  • How they do it: The authentication experience communicates and demonstrates more productive ways for users to authenticate when they follow prescribed endpoint update schedules. 
  • Why they do it: Boosts employee engagement across the enterprise employees so they care more deeply and keep their endpoints within acceptable security guidelines.

TruU combines strong identity proofing, presence, biometrics, and behavioral markers in the TruIdentity Cloud to deliver the most comprehensive passwordless solution for all physical and digital workflows. Its TruPresence capability is a groundbreaking innovation that allows individuals to authenticate into workstations, physical doors, and other sensing assets simply by being close to them and removes the zero-sum trade-off between better security and a better user experience. 

TruIdentity Cloud comes with pre-built, standards-based integrations across the entire identity stack to support full-spectrum authentication. Remote onboarding and identity proofing, workstations, apps, servers, VPNs, Windows, Mac, and privileged access are all supported, as is physical access via badge readers. To discover how TruU can help you remove the largest security risk in your organization, visit