BRAND VISIBILITY 2019

The CloudTweaks brand visibility 2019 program provides a number of terrific opportunities to help leverage your brand and service bringing it to the forefront of the technology world. We provide sponsorship, lead generation services, custom content packages, blog management and promotion. Contact us for a quote!

partner-fortune-cloudtweaks
John Barco

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords

Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security.

Since the beginning of logins, consumers have used a simple username and password to secure their sensitive information across the Internet. This approach made do in the early days of ecommerce, but with the rampant growth of phishing and other fraudulent activity, it’s time for a new industry standard. For businesses everywhere, this need for change has created important questions about how to protect sensitive information in a cost-effective manner, without diluting customer usability and convenience.

Everyone is on mobile, which calls for more security on-the-go

The mass adoption of mobile devices presents the most obvious need for greater online security control. The sheer number of mobile devices around the world means organizations can implement more robust, two-factor or multi-factor authentication systems without having to worry about the high cost of providing the devices to consumers themselves. Under a two-factor authentication system, traditional usernames and passwords remain the first step in identity verification, but users are then required to input a second authentication factor to further verify who they are. This involves sending a unique code or password to a user’s mobile device; the user must input this along with his or her credentials to be granted access. Multi-factor authentication systems such as the Apple iPhone TouchID add a biometric factor such as a fingerprint.

Mobile-based authentication, which is gradually becoming the benchmark standard for online businesses, gives peace of mind to consumers. However, such authentication is not without its issues. Mobile devices are not always secure, and unfortunately, a growing volume of malware is specifically programmed to target them. Such malware can allow criminals to scrape verification codes directly from devices if the codes are sent over data networks. The impact of mobile-based authentication on the user experience is also a concern, as many consumers do not want to have to enter multiple passwords every time they access their online accounts.

Next-gen security goes biometric

Adding biometric layers such as fingerprint or facial recognition technology, or messaging-based authentication processes could be the answer to the woes of mobile-based authentication. Biometrics could further boost security, with minimal impact on the user experience. As pointed out in a recent Gartner report, “Smartphone devices can make use of network-based push notification services that provide a secure out-of-band authentication channel. Authentication servers send notifications via the smartphone OS vendor. These messages are routed to a preregistered device and awaken a local app that can further authenticate the user via contextual information, PIN/password or biometric method. After successful local authentication, the app notifies the requesting authentication service of success, which completes the out of band (OOB) loop.” High-end smartphones offer these capabilities, but until they are more widely available, biometric authentication is unfortunately unlikely to be a viable solution for the majority of consumers.

Another alternative is to add extra layers, such as push authentication, to the two-factor process; this increases security but does not impact the customer experience. When first-time consumers sign into a website that uses push authentication, they will be asked to scan an on-screen Quick Response (QR) code with their mobile devices. This creates an ‘ID tether’ between users and their devices. The next time the user logs in, a push notification is sent to his or her device; all the user has to do is tap ‘approve’ in order to proceed. Importantly, these messages are usually sent over a different network, usually the cellular network, making interception by malware or other criminal monitoring of data activity extremely difficult.

Behavior-based monitoring will become an industry standard

Do Not Rely On Passwords

(Image Source: Shutterstock)

End users’ demand for multifactor authentication has accelerated in recent months, and businesses are more aware of the threats posed by online criminal activity, which makes major news headlines almost daily. Multifactor authentication, however, still relies upon a lock and key approach to online security. This means that once someone is through the front door (i.e., they have gained entry to the account), there are usually no other obstacles between them and the sensitive data contained within. For these reasons the most forward-thinking organizations are looking to implement solutions that offer adaptive risk authentication and continuous security.

Adaptive risk authentication and continuous security provide an on-going view of online security. Which means that just because someone has gained access to an account, it does not mean they have full and free access to the data within the account. Adaptive risk authentication scores user behavior based on key criteria such as IP address, device ID, number of failed login attempts and more to establish if the behavior is consistent with established ‘normal’ user behavior patterns. Any deviations outside of the norm result in a higher risk score, which triggers additional security questions, re-authentication or, if necessary, the removal of the token assigned to the online session. Most importantly, algorithms responsible for scoring each session run silently in the background. Users are only made aware of them if their behavior is deemed to be suspicious. The user experience is not compromised in any way, despite the higher levels of security in place.

Usernames and passwords are not dead just yet. They will continue to have their place online for a while, but it is increasingly obvious that in isolation, they are no longer enough to keep sensitive information safe. Thankfully for consumers, advanced security such as multifactor authentication, adaptive risk and continuous security is on the horizon. Inevitably, even the most robust lock-and-key solutions will give way to more reliable behavior-based monitoring, as the fight to keep sensitive data secure online continues to evolve.

By John Barco

John Barco

John Barco is vice president of Global Product Marketing at ForgeRock. John has 20+ years of experience building innovative products for enterprise customers, focusing on identity and access management for the last 12 years. Prior to joining ForgeRock, he served as Senior Director of Product Management for the Identity Management group at Sun. John has also held leadership positions at iPlanet, Silicon Graphics, NComputing, and IronKey. He holds a degree in industrial engineering from Missouri State University.

Avoiding the IOT ‘Twister’ Business Strategy

Avoiding the IOT ‘Twister’ Business Strategy

IOT ‘Twister’ Most organizations’ ‪ IOT Strategy look like a game of ‪ ‘Twister’ with progress across important IOT capabilities such as architecture, technology, ...
Secure Business Agility

Contrary to popular belief, a pro-privacy stance is good for business

Pro-Privacy Stance Right now privacy is a hot topic on LinkedIn posts, especially as it pertains to compliance with the ...
Cloud Migration – 10 ‘Do it Right’ Tips

Cloud Migration – 10 ‘Do it Right’ Tips

Cloud Migration Tips Businesses continue to adopt the cloud at break neck speed. Inherent benefits like lower operational costs, no ...
Critical Success Factors when shifting Workloads into the Cloud

Critical Success Factors when shifting Workloads into the Cloud

Shifting Workloads into the Cloud By 2020, 92 percent of all workloads will reside in the cloud. Yet challenges remain ...
What Skills Do I Need to Become a Data Scientist?

What Skills Do I Need to Become a Data Scientist?

Becoming a Data Scientist Leveraging the use of big data, as an insight-generating engine, has driven the demand for data ...
Small Businesses CAN Compete Using The Cloud

Small Businesses CAN Compete Using The Cloud

Small Businesses Cloud In the past, small business owners had to either run applications or software that was downloaded physically ...

Cloud Community Supporters

(ISC)²
AWS
HPE
CA Technologies
Cisco

Cloud community support comes from sponsorship, service opportunities and collaborative network partnership initiatives.

Leading Multicloud Strategies

The Promise of the Cisco Hybrid Cloud Platform for Google Cloud, Delivered

Many of today’s global enterprises are looking to service providers (SPs) for the infrastructure, platforms and services they need to help them innovate. We’re excited that the Cisco Hybrid Cloud Platform for Google Cloud is now shipping. With it, businesses can accelerate on-prem app modernization,
Survey results reveal the biggest Artificial Intelligence challenges

Survey results reveal the biggest Artificial Intelligence challenges

Biggest Artificial Intelligence Challenges We’ve been told countless times over the past few years what an impact Artificial Intelligence (AI) is going to have on all our lives. But while it’s true that Artificial Intelligence will certainly provide some huge opportunities, a recent survey we

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE