Virtualization and Cloud executives share their predictions for 2014. Read them in this VMblog.com series exclusive.
Contributed article by Doron Cohen, CTO of the Authentication Business Unit at SafeNet, Inc.
Multi-Factor Authentication Trends for 2014
I have been in the Identity Management and Authentication
business for more than two decades and the shift I am seeing toward user
authentication technologies and adoption of cloud over the last few years is
truly fundamental. While many of these changes have been evolving for
some time, I believe that 2014 will be the tipping point, where enterprises and
consumers will embrace better authentication technologies that will further
change the way we protect our accounts and identities in the cloud.
The journey away from the most used
authentication method of all - passwords - has already started. With the power of mobile devices and cloud
services, we may finally have a chance to solve key challenges on how we
authenticate ourselves in the digital world.
Every day we see news on passwords being compromised, from Adobe
to Cupid
Media. It's not only users who feel weary and insecure. Enterprises and security
professionals know all too well how common it is for users to use the same
password for multiple services - be it credentials to the corporate network or
their bank account.
Customers are tired of the password experience. Adding
insult to injury, the imposition of having to use complex passwords is highly
aggravating - especially when there is a general sense that they do nothing
more to protect us. Consumers are reaching that tipping point: all they want is
to have a secure, yet easy and frictionless authentication experience, to
regain a sense of basic online security. In this regard, we are at a unique
point in time when consumer and enterprise interests are converging.
Enterprises have long recognized the need for strong
authentication, but at times have been held back by the perceived costs and inconvenience
that this might cause their users. What businesses and corporations expect is
better integrated identity and access solutions that provide both confidence as
well as secure authentication for mobile devices without compromising the user
experience. Organizations want to be
able to implement and offer their users cost effective and easier ways to
authenticate and manage their identity whether on corporate networks, or as
part of cloud services and applications.
This common goal, along with the emergence of sensors and security
elements that are built into mobile devices, will transform the way we
authenticate. Recent examples include biometrics-based authentication such as Apple's
Touch ID on the iPhone, or Android
face-unlock by Google.
These are just examples of better authentication
technologies that change the way we protect our accounts and identities in the cloud.
Here are additional predictions for 2014:
1.
The majority of enterprises that deploy and
refresh their authentication systems will be taking a broader approach to
authentication and will select versatile authentication over traditional
hardware, one time password (OTP) token-based solutions. Next generation
authentication systems allow them to address several use cases, going beyond a
silo approach. Using identity federation technologies with seamless
authentication enables better adoption and more security to cloud environments
- whether it is for end users accessing the services, or privileged users who
administer the virtualized environments.
2.
One of the key challenges in the cloud is the
fragmentation of identity information and the need to have cross domain and
cross device interoperability. The need of users to make their identity
portable and usable across domains and the need to strongly authenticate cannot
be fulfilled with plain password authentication. New product releases
around the FIDO Alliance
authentication specifications will hasten the demise of static passwords by
enabling consumers and organizations to more easily use higher assurance
solutions.
3.
Next Generation Authentication and identity
management systems will rely on virtualized infrastructure that provides a multi-tenant
service delivery platform. This will fuel a greater demand for service
providers to apply hardware-based key security root-of-trust and enhanced
security around their offerings, enabled by the ability to leverage HSMs and
key managers in the data center and the cloud (for example, Amazon
Cloud HSM).
There is no doubt in my mind that we are in the midst of a transformation
in user authentication, which to a large extent is being driven by us as users.
The day we can say goodbye to dozens of static passwords is drawing near. This
will make our lives easier and more secure. For organizations, the prospect of multi-factor
authentication that is easier to deploy and use in both physical and virtual
worlds is fast becoming a reality.
##
About the Author
Doron Cohen serves as CTO of the Authentication
Business Unit at SafeNet, Inc. As the leader of technology strategy for the
SafeNet authentication solutions, Cohen is responsible for product strategy
while also playing an active role in numerous industry standard communities. He
has led the development of identity management solutions for the enterprise in
distributed cross-platform environments, spanning operating systems, databases
and applications.