|
Data Security Solutions – from WinMagicData Security Solutions – from WinMagic

WinMagic Data Security Blog

Thi Nguyen-Huu
40 posts
Thi is the President and CEO of WinMagic, which he founded in 1997, with a vision to create encryption solutions that are secure, sophisticated yet easy-to-use for enterprises. Today this vision has evolved to Intelligent Management for Everything Encryption. When he is not busy running and growing the company, Thi is sport enthusiastic and thus always competitive. His one concession to constant competitiveness is leading a weekly Integral Taichi CK10 class at work, which provides relaxation and harmony to his hard working WinMagicians. Thi writes from a position of constant leadership and innovation; having two past successful ventures, his knowledge and experience will offer interesting insights within the security industry.
WinMagic CEO Thi Nguyen-Huu featured in The Fast Mode on endpoint encryption as the missing foundation of zero trust

Why Endpoint Encryption Is the Missing Foundation of Zero Trust

Your endpoints already have the hardware to verify and prove device and user integrity continuously. The industry just has not been using them correctly. The cybersecurity industry has been looking at the endpoint backwards. The prevailing view treats endpoints as vulnerabilities to be locked down. In his interview to the Fast Mode, our Founder and…
The Flaw in Modern Passwordless Authentication

The Flaw in Modern Passwordless Authentication

The architectural flaw behind trillions of online transactions every day — and the fix that is already possible today. The passwordless authentication protocols we rely on trillions of times a day have a fundamental flaw. Correcting it eliminates phishing, session hijacking, and AI-driven attacks — with no user action at all. This is the argument…

Electronic Signatures vs. Digital Signatures: What Most Businesses Get Wrong

Not all electronic signatures are created equal. As WinMagic CEO Thi Nguyen-Huu puts it during his interview with Forbes: “A simple electronic signature is just an image of ink on a screen. A true digital signature is pure math, legally and cryptographically binding an identity to a file.” The efficiency benefits of e-signatures are well…
How Should Businesses Disable SSO for Security

How Should Businesses “Disable SSO” Without Destroying Productivity?

The era of the long-lived session is over. The most damaging cyberattacks of recent years have proven that session hijacking is the path of least resistance for modern threat actors. Attackers no longer need to steal your password. They steal your session, and they become you. In response, enterprises are increasingly attempting to “disable SSO”…

60% of Cyberattacks Break Identity — Is Identity First a Bad Idea?

WinMagic CEO Thi Nguyen-Huu was recently featured in the March 2026 edition of Cyber Defense Magazine, challenging a foundational assumption in modern cybersecurity.   For years, the industry has moved away from network perimeters toward identity-based security. Zero Trust architectures reinforce this shift by requiring identity verification before granting access. At the same time, identity attacks…
What Comes Next for Passkeys?

What Comes Next for Passkeys?

Passkeys are rapidly becoming the modern baseline for secure login. They replace passwords with strong public-key cryptography, provide consistent protection across platforms, and help everyday users move away from fragile, error-prone authentication habits. The industry’s broad embrace of Passkeys is a meaningful step forward. But as WinMagic has been doing for almost three decades, we…

WinMagic Challenges Identity-First Security: The Industry Has Been Verifying the Wrong Identity

As identity-first security continues to fail, WinMagic, a cybersecurity innovator known for pioneering full-disk encryption and secure endpoint authentication, calls for a structural shift in online security—toward simpler, stronger trust with no user friction. TORONTO, Jan. 13, 2026 /PRNewswire/ — Historic and current approaches to online security have focused on the user, but overlooked three essentials: verifying…

Why Online Access Doesn’t Need Authentication: Lessons from Spycraft

In cybersecurity, we often treat authentication as sacred. Passwords, tokens, biometrics, MFA—these rituals dominate our mental model of what it means to be secure online. But what if we’ve been asking the wrong question? What if the real goal of online access—especially in its most common form—is confidentiality, not identity? And what if authentication isn’t…

Cybersecurity: The Puzzle We Can Solve with Common Sense!

For decades, cybersecurity has been treated as an unsolvable puzzle—too complex, too layered, too dependent on human behavior. The industry responded with more layers, more products, more frameworks—each trying to patch the last gap. But what if the answer was hiding in plain sight? What if common sense—the same logic we’ve trusted for thousands of…

The Forgotten Factor in the Authentication Hall of Fame

For decades, authentication has been built on three pillars: What you know (passwords, PINs) What you have (tokens, phones) What you are (biometrics) These factors have served us well. They’ve become the Hall of Fame of authentication. But what if there’s another factor—one that makes authentication harder for attackers to fake and easier for users to experience? In…
keyboard_arrow_up