Axiad Releases Certificate-Based Authentication (CBA) for IAM to Amplify Protection for Organizations with Existing Identity Security Systems

November 15, 2022

Axiad Cloud Extends Functionality of Identity Access Management (IAM) Systems to Deliver Phishing-Resistant, Multi-Factor Authentication (MFA)

Santa Clara, CA, November 15, 2022 – Axiad, a leading provider of organization-wide passwordless orchestration, today released Certificate-Based Authentication (CBA) for IAM, its newest offering in the Axiad Cloud authentication product line.  Certificate-based authentication is a more secure, phishing-resistant form of multi-factor authentication (MFA) which is an essential part of the White House’s mandate to adopt a Zero Trust architecture.  With Axiad’s CBA for IAM, security teams can easily extend the capabilities of their existing IAM systems and boost their overall cybersecurity posture.

An organization’s IAM ecosystem can be surprisingly complex. According to a recent Axiad survey of security executives, 70% use 3 or more IAM systems across their organization, and more than half use 4 or more. Since it rarely makes sense to replace these disparate systems, and because most organizations don’t have the resources to create a custom approach that spans all systems, security teams are under constant pressure to manage the risks caused by gaps in visibility and functionality. Moreover, most IAM systems don’t support certificate capabilities, and most IT teams don’t have the tools to manage credential roll out and maintenance across a diverse end-user base.

Augmenting the Security of Existing IAM Solutions

Leveraging the power of the Axiad Cloud, CBA for IAM extends the built-in functionality of a company’s existing IAM system(s) to provide passwordless, phishing-resistant MFA for every user.  Further, because CBA for IAM can overlay multiple IAM systems, use cases, and operating systems – including Microsoft Windows, Apple OS, and Linux – it can help organizations be more consistent and systematic in how they authenticate, which naturally delivers additional protection by eliminating inconsistencies that can be exploited by bad actors.

“As the number of identity-related attack vectors continues to rise, organizations can no longer rely on fragmented and independent authentication processes for each individually supported IT service,” noted Steve Brasen, Research Director at Enterprise Management Associates. “Instead, businesses must look at the problem holistically and apply an appropriate level of phishing-resistant security in a methodical, consistent manner across the whole of the organization in a way that does not diminish workforce productivity. If cyber attackers are no longer thinking in silos, then neither should security professionals.”

Streamlining Credential Management

In addition to bolstering security, CBA for IAM also delivers operational and end-user benefits that are critical for organizations that need to manage the bottom line and avoid business disruption.  Its Credential Dashboard uniquely provides streamlined workflows to roll out and to manage credentials across their lifecycle, and its self-service capabilities enable end users to provision and reset credentials without IT involvement.

“Enhancing your security with phishing-resistant, multi-factor authentication for every user is a must have in today’s environment, but if you do so at the expense of your administrators or end users, any success will be fleeting as costs will mount and users will work around the practices you’ve implemented,” said Yves Audebert, Chairman, President & Co-CEO of Axiad.  “Axiad’s CBA for IAM helps organizations find a balance by augmenting the native authentication capabilities of an organization’s IAM systems, while also helping streamline core processes for administrators and making the enhanced authentication process friction free for end users.”

About Certificate-Based Authentication (CBA)

Certificate-based authentication is one of the most secure, phishing-resistant forms of multi-factor authentication (MFA) and is increasingly deployed in enterprises and the public sector. Many enterprise employees, as well as the majority of federal agency and defense employees/contractors, use a strong token such as a smart card or hardware device for authentication. CBA streamlines the process of authenticating users with a variety of tokens while improving overall protection.

As part of the movement towards CBA, last month Axiad joined with Microsoft to announce support for Microsoft Entra ID certificate-based authentication (CBA). With integrated support for Microsoft Entra ID CBA, Axiad enables Microsoft customers to implement phishing-resistant MFA and ensures a seamless migration from legacy infrastructure to the cloud. Further, Axiad’s Credential Dashboard provides visibility into Microsoft Entra ID and Windows Hello for Business credential issuance, status, and issues across the entire user base. Taken as a whole, these capabilities streamline administrators’ work while minimizing friction for end users.

The requirement to implement phishing-resistant MFA is addressed in the January 2022 memo from the U.S. Office of Management and Budget. This directive requires agencies to achieve specific zero trust security goals by FY 2024, including the use of phishing-resistant MFA to protect personnel from sophisticated online attacks.

Axiad’s CBA for IAM is a turnkey SaaS offering that supports a wide range of smart cards and hardware devices (such as YubiKey) without requiring a Trusted Platform Module (TPM). This combination of packaging and flexibility overcomes the organizational barriers to adoption described previously.  For more information about this solution, visit Axiad’s product page.

About Axiad

Axiad delivers organization-wide passwordless orchestration to secure people, machines, and interactions for enterprise and public sector organizations that must optimize their cybersecurity posture while navigating underlying IT complexity. The company’s flagship product, Axiad Cloud, is a comprehensive, secure and integrated authentication platform that allows customers to move to a passwordless future without the friction and risk of fragmented solutions. Axiad supports the widest range of credentials in the industry including FIDO, mobile MFA, Windows Hello for Business, YubiKeys, smart cards, TPM and biometrics, and is trusted by public sector organizations and Fortune 500 companies across aerospace & defense, financial services, insurance, healthcare, oil & energy and more.

 For more information visit and follow us on Twitter and LinkedIn.


Media Contact:

Suzanne Tuchler, Eskenzi PR, 408-307-6900, [email protected]