Authentication is Hot – Again?

By Mark Bouchard | September 30, 2020
space shuttle

Wait a sec. Was authentication ever hot? Perhaps when clientless VPNs took off (~2005), but only somewhat. More like warm, I’d say.

Well, don’t look now, because as the late Robin Williams exclaimed in Good Morning Vietnam, “it’s hot, damn hot.”

Apparently, so too is the rest of the IAM (identity and access management) panoply.

According to the May edition of TRN Insights (available at www.theroundtablenetwork.com), “revamp or enhance IAM” is the #2 priority of today’s CISOs, behind only the closely related priority of achieving “safe migration to cloud.” What’s in the #3 slot? More IAM stuff, of course: “privileged access management & access controls.”

So what’s behind this surge in all things identity?

There’s little doubt that the work-from-home trend is a major factor; sort of like a diesel train pushing/pulling IAM up the track. Then there’s the parallel trend on the B2C side, as COVID-19 (more like a rocket ship) drives an ever greater portion of our lives into the digital domain.

All of this “access” results in a greater digital footprint, a greater attack surface that needs to be defended. And having confidence in users’ identities (aka, authentication) is foundational to that defense – especially when it comes to thwarting phishing, account takeover attacks, and myriad other forms of online fraud.

Equally important, all of this access is also driving the need for more effective authentication (and IAM solutions, in general). Unpacking that deceptively simple concept of “effective” a bit further, what’s needed are solutions that:

  • are stronger, in terms of the level of identity confidence they deliver,
  • carry a lower TCO, so that they can be applied more broadly, and
  • are easier to use, such that they don’t slow users down or promote undesirable behaviors.

The result is not only a resurgence of interest by the enterprise in everything IAM, but also a forced evolution of associated solutions. The emergence over the past couple of years of so many passwordless authentication – and, now, passwordless IAM – solutions is evidence of that point.

The trick for enterprise security teams is finding a minimum set of solutions that deliver against the requirements listed above while providing coverage for a maximum set of use cases.

The trick for authentication and IAM solution providers is clearly differentiating your offerings from all of the others that are also clamoring for buyers’ attention.

AimPoint Group is here to help. If you’re struggling to solve either of these puzzles, give us a call today.

Posted in Cybersecurity Trends