Simon Moffatt_ForgeRock

Digital Identity Trends 2017 – Previewing The Year Ahead

Digital Identity Trends 2017

The lack of security of the Internet of Things captured public attention this year as massive distributed denial of service attacks took down much of the internet. The culprits? Unsecured connected devices that were easily accessed and manipulated to do the bidding of shadowy hackers. When you can’t access Netflix anymore, cybersecurity is suddenly a dinner table conversation. Looking forward to 2017, we expect security to continue to be a point of concern, but also see an increased focus on privacy as regulations and connected devices put new pressures on organization to protect customer data.

Attacks will Continue Until Security Improves

Due to the massive number of cheap/unsecure IoT devices around the world, DDoS attacks are likely to continue through 2017. However, the ramifications will be less severe as key service providers harden defenses and device manufacturers adopt identity-based security to minimize vulnerabilities. And while catastrophic DDoS attacks may have received the biggest news coverage 2016, just as big a story was the failure of IoT device manufacturers, and service and infrastructure providers to adopt and scale robust security and privacy tactics. We can expect that trend to begin to reverse in 2017, with device manufacturers turning away from hard-coded username and password access management and adopting passwordless authentication.

Passwordless Security Will Prevail

As millions of IoT devices go online to enable new products and services, it will no longer be enough to apply a legacy approach to authentication, authorization and identity management. For modern connected devices like home lighting arrays, garage door openers, and smart wearables, using username and passwords to control access and authorization just won’t work. Innovative new IoT initiatives in 2017 will require passwordless identity management and continuous security techniques to maintain secure access to devices and services.

Digital identity trends

One such passwordless methodology that will be widely used is push notifications – using real-time messaging to smartphones to grant access to data or authorize use of online services. Mobile phones are an ideal method of authentication because they’re familiar, they’re usually always with the user, and they can receive notifications. The smartphone/push notification methodology also enables continuous security. If a suspicious action is detected – for example, a user moves from a protected network at their office to an unprotected network at a bookstore nearby – an additional factor of authentication can be invoked, sending a push notification with a code that would need to be entered in order to continue the session.

In 2017, organizations will also be focused on making sure that security doesn’t get in the way of a great customer experience. The added benefit of passwordless authentication is that it reduces friction in the login process, because responding to a push notification or biometric cue is so easy. Passwordless authentication will help businesses and governments get closer to that coveted seamless experience.

Organizations will Think Beyond the Perimeter

Organizations adopting IoT devices or services into their business models will face new challenges as connected devices moves the collection and sharing of customer data beyond the confines of the business and into people’s homes. Take healthcare for example. The distinction between in-home and clinical healthcare devices will continue to erode. Smart, portable medical devices enable patients to measure their vitals at home, enabling a connected healthcare experience that continues after the patient has left the hospital. Remote monitoring leads to a wealth of data available to clinicians, not just at annual checkups, and gives patients a larger, active role to play in preventative care. However, the proliferation of digital systems and devices and the ease with which personal health data can be collected and shared creates more vulnerabilities where personal data can get exposed or stolen. Here is why healthcare IT decision-makers are increasingly turning to customer identity management as the technology most effective for achieving new security objectives that extend beyond the hospital grounds. By adding features like contextual authentication and authorization, hacking these systems becomes more difficult and personal health data can be secured more effectively.

New Privacy Tools Will Proliferate

Consumer-facing IoT in healthcare, household appliances, and more, will have a critical requirement: privacy. As connected devices collect and share massive amounts of data, patients, customers, and citizens will need a way to control who can access what data, on what device, and under what circumstances. To address this challenge, organizations will look to new consent and sharing standards such as the OAuth-based User-Managed Access (UMA) protocol. Adding momentum to the adoption of new consent and sharing standards will be the fast-evolving global privacy regulatory environment. The Federal Communication Commission (FCC) in the U.S. recently announced rules that will require broadband service providers to take greater steps to protect the privacy of consumers. Meanwhile, in Europe, the E.U.’s General Data Protection Regulation (GDPR) – slated to come into effect May 2018 – will give citizens control over their personal data, while simplifying the regulatory environment for international business. Both new regulations present opportunities for organizations to use strong privacy protections as a competitive differentiator. Strong, scalable customer identity technology will be a critical element in those efforts to build customer loyalty.

By Simon Moffatt, Senior Product Manager, ForgeRock

Simon is a recognized technology leader in the fields of identity and access management, the identity of things and devices, consumer identity management and digital transformation. Much sought after as an industry speaker, Simon has co-authored several whitepapers on the topic of consumer identity and digital transformation.

He also regularly posts his thoughts on his blog The Economics of Identity. His 15-year career encompasses roles within venture capitalists as well as privately backed US start-ups.

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

Contact us for more information on how to get involved in our content related services and placement programs.

CONTRIBUTORS

Shaking Up The Cloud Technology Marketplace

Shaking Up The Cloud Technology Marketplace

Cloud Technology Marketplace Cloud continues its devastating rearrangement of the technology marketplace. As legacy vendors struggle to compete many deck ...
How to Improve the Backup Success Rate of Data Centers?

How to Improve the Backup Success Rate of Data Centers?

Improve Backup Success Rate According to industry analysts, a significant number of backup jobs (from 5 to 25%) are failing ...
Are You Thinking of Going to the Cloud Because of FOMO? Don’t!

Are You Thinking of Going to the Cloud Because of FOMO? Don’t!

The Fear of Missing Out A new study says FOMO – “Fear of Missing Out” is the reason cited by ...
The Drone Explosion

The Drone Explosion Continues To Provide Unique Options

The Drone Explosion One of the things I have posted about often here on CloudTweaks is the ever growing world ...
Get Used To It – Artificial Intelligence For Real-time Gas Pricing

Get Used To It – Artificial Intelligence For Real-time Gas Pricing

Real-time Gas Pricing Get used to it – we will extract every dollar you can afford at your friendly … ...
CALLING DOCTOR CLOUD, CALLING DOCTOR CLOUD!

CALLING DOCTOR CLOUD, CALLING DOCTOR CLOUD!

Medical Technology Listen: THUMP-thump, THUMP-thump. No, it’s not your heartbeat but the new rhythm of healthcare IT: the Cloud. Even ...
Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information ...
Combatting Malware in the Cloud Requires a New Way of Thinking

Combatting Malware in the Cloud Requires a New Way of Thinking

Malware in the Cloud It’s no secret that cloud adoption has exploded in the enterprise over last few years. However, ...

NEWS

HPE CEO Whitman's surprise exit stumps Wall Street

HPE CEO Whitman’s surprise exit stumps Wall Street

(Reuters) - Shares of Hewlett Packard Enterprise Co (HPE.N) fell 6 percent on Wednesday after Chief Executive Officer Meg Whitman’s ...
OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...
EU privacy regulators to discuss Uber hack next week

EU privacy regulators to discuss Uber hack next week

BRUSSELS (Reuters) - European Union privacy regulators will discuss ride-hailing app Uber’s [UBER.UL] massive data breach cover-up next week and ...

SPONSORS

How Printers Help Hackers Hide In Plain Sight

How Printers Help Hackers Hide In Plain Sight

Printers and Hackers Spies and thieves often do their best work by hiding in plain sight. No one suspects the ...
The Skill & Training Mandates of Big Data

The Skill & Training Mandates of Big Data

Big Data Mandates For some years a dearth of data scientists and analysts has caused concern, with McKinsey expecting a ...
Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry ...