December 20, 2016

Digital Identity Trends – Previewing The Year Ahead

By Simon Moffatt

Digital Identity Trends

The lack of security of the Internet of Things captured public attention this year as massive distributed denial of service attacks took down much of the internet. The culprits? Unsecured connected devices that were easily accessed and manipulated to do the bidding of shadowy hackers. When you can’t access Netflix anymore, cybersecurity is suddenly a dinner table conversation. Looking forward to 2017, we expect security to continue to be a point of concern, but also see an increased focus on privacy as regulations and connected devices put new pressures on organization to protect customer data.

Attacks will Continue Until Security Improves

Due to the massive number of cheap/unsecure IoT devices around the world, DDoS attacks are likely to continue through 2017. However, the ramifications will be less severe as key service providers harden defenses and device manufacturers adopt identity-based security to minimize vulnerabilities. And while catastrophic DDoS attacks may have received the biggest news coverage 2016, just as big a story was the failure of IoT device manufacturers, and service and infrastructure providers to adopt and scale robust security and privacy tactics. We can expect that trend to begin to reverse in 2017, with device manufacturers turning away from hard-coded username and password access management and adopting passwordless authentication.

Passwordless Security Will Prevail

As millions of IoT devices go online to enable new products and services, it will no longer be enough to apply a legacy approach to authentication, authorization and identity management. For modern connected devices like home lighting arrays, garage door openers, and smart wearables, using username and passwords to control access and authorization just won’t work. Innovative new IoT initiatives in 2017 will require passwordless identity management and continuous security techniques to maintain secure access to devices and services.

One such passwordless methodology that will be widely used is push notifications – using real-time messaging to smartphones to grant access to data or authorize use of online services. Mobile phones are an ideal method of authentication because they’re familiar, they’re usually always with the user, and they can receive notifications. The smartphone/push notification methodology also enables continuous security. If a suspicious action is detected – for example, a user moves from a protected network at their office to an unprotected network at a bookstore nearby – an additional factor of authentication can be invoked, sending a push notification with a code that would need to be entered in order to continue the session.

In 2017, organizations will also be focused on making sure that security doesn’t get in the way of a great customer experience. The added benefit of passwordless authentication is that it reduces friction in the login process, because responding to a push notification or biometric cue is so easy. Passwordless authentication will help businesses and governments get closer to that coveted seamless experience.

Organizations will Think Beyond the Perimeter

Organizations adopting IoT devices or services into their business models will face new challenges as connected devices moves the collection and sharing of customer data beyond the confines of the business and into people’s homes. Take healthcare for example. The distinction between in-home and clinical healthcare devices will continue to erode. Smart, portable medical devices enable patients to measure their vitals at home, enabling a connected healthcare experience that continues after the patient has left the hospital. Remote monitoring leads to a wealth of data available to clinicians, not just at annual checkups, and gives patients a larger, active role to play in preventative care. However, the proliferation of digital systems and devices and the ease with which personal health data can be collected and shared creates more vulnerabilities where personal data can get exposed or stolen. Here is why healthcare IT decision-makers are increasingly turning to customer identity management as the technology most effective for achieving new security objectives that extend beyond the hospital grounds. By adding features like contextual authentication and authorization, hacking these systems becomes more difficult and personal health data can be secured more effectively.

New Privacy Tools Will Proliferate

Consumer-facing IoT in healthcare, household appliances, and more, will have a critical requirement: privacy. As connected devices collect and share massive amounts of data, patients, customers, and citizens will need a way to control who can access what data, on what device, and under what circumstances. To address this challenge, organizations will look to new consent and sharing standards such as the OAuth-based User-Managed Access (UMA) protocol. Adding momentum to the adoption of new consent and sharing standards will be the fast-evolving global privacy regulatory environment. The Federal Communication Commission (FCC) in the U.S. recently announced rules that will require broadband Service Providers to take greater steps to protect the privacy of consumers. Meanwhile, in Europe, the E.U.’s General Data Protection Regulation (GDPR) – slated to come into effect May 2018 – will give citizens control over their personal data, while simplifying the regulatory environment for international business. Both new regulations present opportunities for organizations to use strong privacy protections as a competitive differentiator. Strong, scalable customer identity technology will be a critical element in those efforts to build customer loyalty.

By Simon Moffatt

Simon Moffatt

The Lighter Side Of The Cloud
Freshworks

Freshservice’s Journey to Streamlining IT Operations

Freshservice, a cloud-based IT service management solution, is a part of Freshworks Inc., a company [...]
Read more

Leading Data Virtualization Solutions: 10 Services Transforming Data Management

10 Services Transforming Data Management Data virtualization is a technology that allows for the integration [...]
Read more
Sushil Kumar

Generative AI and Cloud Computing: The Greatest Infusion

Generative AI The fusion of cloud computing, app modernization, and artificial intelligence (AI) drives digital [...]
Read more
Nagaraj Kuppuswamy

Next-Generation Threats: Securing Multi-Cloud Environment

Next-Generation Threats Using cloud services from multiple cloud service providers is the fundamental tenet of [...]
Read more
Stacey Farrar

Copilot Is Here: What to know before migrating to Microsoft 365

Migrating to Microsoft 365 Microsoft is the latest company to unveil enhanced artificial intelligence (AI) [...]
Read more

5 Azure Cost Management Strategies

What Is Azure Cost Management? Azure cost management refers to the practices and processes that [...]
Read more
Unlock unparalleled exposure for your brand with CloudTweaks' premium sponsorship and advertising programs. Reach a global audience, amplify your message, and drive growth with our tailored solutions. Partner with us today and elevate your marketing strategy to new heights!
© 2024 CloudTweaks. All rights reserved.