By: Lucas Budman
Everyone hates passwords. They slow us down. They can be complicated. And of course we have to remember so many of them.
Cyber threat actors are the exception. Hackers love passwords. After all, passwords are easy to discover and use. And there are many of them.
In other words, hackers don’t break in, they log in with stolen passwords. In fact, 81% of data breaches start this way, making passwords the biggest attack vector in modern business. And although more than $16 billion was spent on Identity and Access Management (IAM) solutions in 2020, the problem continues to worsen. Existing two-factor and multi-factor authentication (MFA) tools are simply insufficient; they can improve poor security posture, but they do nothing to prevent phishing attacks, credential stuffing, man-in-the-middle attacks, or SIM card swaps. They do, however, cause significant friction for users and disrupt workflows, hampering their adoption and use.
A recent report from Forrester notes the increased criticality of IAM to secure access, ensure business continuity, and support remote workers while addressing evolving threats across workloads dispersed on-premises and in the cloud. The push towards an entirely remote workforce and the pressure of layoffs, rehires, contractors and role changes have exposed the fragility of manual governance of in-house identities and paved the way for a renewed interest in password-less solutions.
But as organizations know too well, the identity and authentication management landscape is incredibly expensive and complex, and as Forrester analysts note, adopting too many security solutions in a short period of time can lead to unforeseen integration challenges, tools that don’t match well with existing business processes, and unnecessary or overlapping capabilities.
For businesses committed to supporting the transition to hybrid work, innovative and robust password-less enterprise technologies can help protect the business from rapidly growing cybersecurity threats while ensuring a seamless experience for employees, who can connect easily and securely from anywhere in the world without the need for outdated and insecure passwords. As Walter Yosefat of Wyndham Destinations noted: “As a CIO, my vision has been to live in an era where user IDs and passwords are no longer needed and I am simply known to my people, applications and systems without the need to continually assert it.”
Successful password-less deployments should reduce complexity, end fragmented user experiences, and streamline use case support to reduce costs. After all, great technology only makes sense if it’s useful and used. To remove the threat of compromised credentials and support a secure, easy-to-use solution, organizations should:
- Completely eliminate credentials with a completely password-less experience based on true identity and industry standards such as FIDO and FIDO2
- Deploy continuously validated identity based on behavior and environmental signals
- Create a frictionless user experience
The best solutions available today align with the Zero Trust model. They constantly receive signals from a user’s smartphone, computer, network, and proximal environment to make highly secure decisions about identity and authentication. They also use sophisticated multipath optimization technology to find the most secure path to communicate identity to systems, applications and resources. But perhaps more importantly, the winning solutions offer pre-built, standards-based integrations across the entire identity stack to support full spectrum authentication. Remote integration and identity verification, workstations, SSO/applications, servers, VPNs, Windows, Mac and privileged access should all be supported, as should physical access via badge readers. Benefits include fast and secure deployment, shorter supply cycles, easier maintenance schedules, lower product subscription costs, lower integration costs, more accurate IAM policy management and centralized reporting.
Solutions must also be more than just a biometric alternative to passwords; they must offer frictionless access, coupled with an analysis of behavioral patterns and the ability to