The evolution of strong authentication
- Sensitive corporate and personal information is of value to criminals
With data losses becoming everyday news, there has never been a stronger imperative to secure sensitive information. To prevent data falling into the wrong hands, governments and industry standards bodies are increasingly mandating that stronger security controls be used to protect data. The use of strong authentication removes uncertainties as to who is accessing what information.
- Strong authentication systems have evolved to remove the complexities and costs of deployments
The current generation of server-based authentication systems provide centralised management capabilities that automate all of the tasks involved in strong authentication rollouts, removing the complexities and costs associated with manual processes and reducing the burdens on help desks through provision of self-service capabilities.
- New services using cloud-based delivery models open up the playing field
Subscription-based services, provided in the cloud, place strong authentication services within the reach of even the smallest organisation and are especially suited to today's economic climate where capital expenditures are being slashed, since no upfront software or hardware investments are needed.
- New authentication methods cover a wider range of needs
Hardware tokens provide high levels of security, but are expensive to purchase, distribute to users and manage on an ongoing basis. New types of authentication form factors are now available as software tokens, SMS tokens or even non-token-based authentication methods. These allow strong authentication to be extended to a wider range of environments, including mobile devices, and online portals and collaboration tools for increased productivity and security.
- The evolution to open authentication platforms will herald a new era for digital identities
Open authentication platforms that accept authentication methods from any technology vendor or service provider will see strong authentication come into much more widespread use among organisations, their customers and individuals for identity and access assurance across a wide variety of online services. Incorporation of industry standards such as the security assertion markup language (SAML) will see the promise of federated identity realised, requiring just one authentication event to access a range of services.
Strong authentication is not a new approach for removing the uncertainties of who is accessing what information and has always provided higher levels of security than the use of user name and password combinations alone. However, such technologies have evolved a long way from the manually intensive implementations of yesteryear. Now, efficient, fully automated systems have cut much of the cost and complexity of deploying such technologies and new cloud-based delivery models provide the ability to cut bottom-line costs yet further-something that is essential for many resource-strapped organisations facing today's economic realities. Further evolution will see cloud-based platforms opened to a wider range of constituents and, combined with new authentication methods, will provide the potential for a future where secure digital identities will be available for all users across all communications channels.