Digital Identity Trends – Previewing The Year Ahead

Digital Identity Trends

The lack of security of the Internet of Things captured public attention this year as massive distributed denial of service attacks took down much of the internet. The culprits? Unsecured connected devices that were easily accessed and manipulated to do the bidding of shadowy hackers. When you can’t access Netflix anymore, cybersecurity is suddenly a dinner table conversation. Looking forward to 2017, we expect security to continue to be a point of concern, but also see an increased focus on privacy as regulations and connected devices put new pressures on organization to protect customer data.

Attacks will Continue Until Security Improves

Due to the massive number of cheap/unsecure IoT devices around the world, DDoS attacks are likely to continue through 2017. However, the ramifications will be less severe as key service providers harden defenses and device manufacturers adopt identity-based security to minimize vulnerabilities. And while catastrophic DDoS attacks may have received the biggest news coverage 2016, just as big a story was the failure of IoT device manufacturers, and service and infrastructure providers to adopt and scale robust security and privacy tactics. We can expect that trend to begin to reverse in 2017, with device manufacturers turning away from hard-coded username and password access management and adopting passwordless authentication.

Passwordless Security Will Prevail

As millions of IoT devices go online to enable new products and services, it will no longer be enough to apply a legacy approach to authentication, authorization and identity management. For modern connected devices like home lighting arrays, garage door openers, and smart wearables, using username and passwords to control access and authorization just won’t work. Innovative new IoT initiatives in 2017 will require passwordless identity management and continuous security techniques to maintain secure access to devices and services.

One such passwordless methodology that will be widely used is push notifications – using real-time messaging to smartphones to grant access to data or authorize use of online services. Mobile phones are an ideal method of authentication because they’re familiar, they’re usually always with the user, and they can receive notifications. The smartphone/push notification methodology also enables continuous security. If a suspicious action is detected – for example, a user moves from a protected network at their office to an unprotected network at a bookstore nearby – an additional factor of authentication can be invoked, sending a push notification with a code that would need to be entered in order to continue the session.

In 2017, organizations will also be focused on making sure that security doesn’t get in the way of a great customer experience. The added benefit of passwordless authentication is that it reduces friction in the login process, because responding to a push notification or biometric cue is so easy. Passwordless authentication will help businesses and governments get closer to that coveted seamless experience.

Organizations will Think Beyond the Perimeter

Organizations adopting IoT devices or services into their business models will face new challenges as connected devices moves the collection and sharing of customer data beyond the confines of the business and into people’s homes. Take healthcare for example. The distinction between in-home and clinical healthcare devices will continue to erode. Smart, portable medical devices enable patients to measure their vitals at home, enabling a connected healthcare experience that continues after the patient has left the hospital. Remote monitoring leads to a wealth of data available to clinicians, not just at annual checkups, and gives patients a larger, active role to play in preventative care. However, the proliferation of digital systems and devices and the ease with which personal health data can be collected and shared creates more vulnerabilities where personal data can get exposed or stolen. Here is why healthcare IT decision-makers are increasingly turning to customer identity management as the technology most effective for achieving new security objectives that extend beyond the hospital grounds. By adding features like contextual authentication and authorization, hacking these systems becomes more difficult and personal health data can be secured more effectively.

New Privacy Tools Will Proliferate

Consumer-facing IoT in healthcare, household appliances, and more, will have a critical requirement: privacy. As connected devices collect and share massive amounts of data, patients, customers, and citizens will need a way to control who can access what data, on what device, and under what circumstances. To address this challenge, organizations will look to new consent and sharing standards such as the OAuth-based User-Managed Access (UMA) protocol. Adding momentum to the adoption of new consent and sharing standards will be the fast-evolving global privacy regulatory environment. The Federal Communication Commission (FCC) in the U.S. recently announced rules that will require broadband Service Providers to take greater steps to protect the privacy of consumers. Meanwhile, in Europe, the E.U.’s General Data Protection Regulation (GDPR) – slated to come into effect May 2018 – will give citizens control over their personal data, while simplifying the regulatory environment for international business. Both new regulations present opportunities for organizations to use strong privacy protections as a competitive differentiator. Strong, scalable customer identity technology will be a critical element in those efforts to build customer loyalty.

By Simon Moffatt

Kash Shaikh

A Clairvoyant Look Back on 2021

In a lookback from the future, here is what happened in 2021 as reported on January 1, 2022. 2021 was the year that our world worked its way out of the 2020 pandemic and back ...
Sebastian Grady

Leveraging Hybrid IT Now to Power Digital Transformation 

Leveraging Hybrid IT Summary: Cloud is a dominant force in enterprise software today. Global market turbulence is forcing some companies to accelerate moving parts of IT to the cloud sooner than expected to adapt to ...
AI and ML: Key Drivers to Building a Resilient Business

AI and ML: Key Drivers to Building a Resilient Business

The future is here. It’s 2021 and it’s already time for businesses to ready themselves for the new decade. The previous year has shown us that you have to be prepared for both expected and ...
Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs

Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs

Building a Robust Virtual Agent (VA) Rollout Strategy for DSPs Proven methods to increase VA containment & customer satisfaction The virtual agent’s market is at an all-time high and is garnering more and more interest ...
Bruce Guptill

As The Digital Workplace Strengthens, Traditional Business Thinking Must Die

The Digital Workplace The cloud-driven, digital workplace is enabling better ways of working, new ways of doing business, and entirely new business opportunities. It is also breaking down traditional boundaries and barriers within and between ...
Anita Raj

Can the cloud handle the streaming explosion caused by the pandemic?

The Streaming Digital Explosion From the time the coronavirus forced the global community to stay at home, a whopping 16 million people have newly subscribed to Netflix, which is more than double the number the ...