Adopting Zero Trust with Bitwarden: The Mighty Password
Adopting Zero Trust11 Touko 2023

Adopting Zero Trust with Bitwarden: The Mighty Password

There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but also reusing them across multiple platforms, making it incredibly easy to breach someone once they’ve been caught up in a previous breach. On the vendor side, well we all know what’s happened there in the past 12 months, and now more than ever, password management platforms have growing targets on their back as high-value assets.

But we are not here to throw rocks in the glass house nor try to dissect what goes well or goes wrong in these situations; however, we should all focus on what we can take away from them and ensure they are not repeated. This concept aligns well with Zero Trust, where we should assume systems are already breached, that your users - be it intentionally to shitpost in a discord channel or accidentally fall for a phishing lure- and we should remove as much implicit, unchecked trust as possible. At least until Skynet takes us all out, but we have a few good years ahead.

Jokes aside, we have a great episode for you and appreciate Bitwarden lending us two of their C-suite members who cover a range of topics, including how they navigate these challenges. This week we chat with Bitwarden’s CEO Michael Crandell and Chief Customer Officer Gary Orenstein. Bitwarden offers an integrated open-source password management solution for individuals, teams, and business organizations. It also offers a self-hosted solution, which appeals to those who want greater control over their secrets.

Key Takeaways
  • The use of a Zero Knowledge architecture means that the company, whether cloud-hosted or self-hosted, should not be able to access sensitive information without the user's permission.
  • Open-sourced solutions offer additional layers of trust as there are more eyes are on the product and can vet it for security
  • Passwordless authentication is the future

Hosted on Acast. See acast.com/privacy for more information.

Jaksot(58)

The key to growing a cybersecurity career are soft skills

The key to growing a cybersecurity career are soft skills

In this episode of 'Adopting Zero Trust (AZT)', host Neal Dennis and producer Elliot Volkman delve into the often-overlooked realm of soft or 'non-tech' skills in cybersecurity.This week, we chat with...

19 Joulu 202450min

Behind the scenes of cybersecurity media and reporting

Behind the scenes of cybersecurity media and reporting

Season 3, Episode 15: We gather a panel of journalists, communications, and a researcher to discuss how cybersecurity news and incidents are reported.You can read the show notes here.In the world of c...

21 Marras 20241h 4min

GRC tool or spreadsheets, that is the question | GRC Uncensored Preview

GRC tool or spreadsheets, that is the question | GRC Uncensored Preview

In our final preview episode of GRC Uncensored, we explore a particularly bipolar debate: do you need a GRC tool to manage compliance, or will spreadsheets suffice?After this, we will be back to our r...

24 Loka 202443min

Podcast Preview: GRC Uncensored and the commoditization of compliance

Podcast Preview: GRC Uncensored and the commoditization of compliance

We are interrupting our regularly scheduled podcast series to introduce you to a new series we developed: GRC Uncensored.This pilot season will elevate conversations about GRC that are often buried un...

10 Loka 202441min

How to prepare your operations team for Zero Trust

How to prepare your operations team for Zero Trust

Welcome back to Adopting Zero Trust! In this episode, hosts Elliot Volkman and Neal Dennis are joined by Rob Allen, Chief Product Officer of ThreatLocker, to dive deep into the operationalization of Z...

26 Syys 202446min

Log4j Continues to act as Organizational Vulnerability

Log4j Continues to act as Organizational Vulnerability

Season 3, Episode 13: Cato Network’s Etay Maor provides fresh research on the abuse of unpatched log4j libraries.Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes h...

5 Syys 202447min

Overturning of Chevron Deference’s Impact on Cybersecurity Regulation

Overturning of Chevron Deference’s Impact on Cybersecurity Regulation

Season 3, Episode 12: Could the overturning of Chevron Deference impact cybersecurity and privacy regulations?Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here...

20 Elo 202451min

Applying Vulnerability Management to Zero Trust

Applying Vulnerability Management to Zero Trust

Season 3, Episode 11: Vulnerability management is critical to any Zero Trust strategy, but you probably already know that. Fortra’s Tyler Reguly breaks down severity vs. risk.Catch this episode on You...

1 Elo 202445min