Virtualization Technology News and Information
Article
RSS
1Kosmos 2025 Predictions: Identity Management in 2025

vmblog-predictions-2025 

Industry executives and experts share their predictions for 2025.  Read them in this 17th annual VMblog.com series exclusive.

By Michael Engle, CSO and co-founder of 1Kosmos

Here are several predictions for identity management in 2025, along with the implications for organizations:

1. Single-factor biometric authentication gets traction

  • Prediction: Biometrics, where your "real" face, fingerprint, and iris are used, will gain traction in enterprise and consumer application access. Compared to passwords and MFA codes, this reduces customer friction and is the only way to prove who is logging in.
  • Implications: The improved experience will be a game changer and be seen as a competitive differentiator, ultimately driving revenue. Companies will need to stay ahead of the latest privacy and deepfake threats to take advantage of them without creating exposure.

2. Blockchain-based Digital Wallets Gain Momentum

  • Prediction: Blockchain will play a pivotal role in mainstream decentralized identity, enabling individuals and organizations to move away from centralized identity stores. This shift will reduce reliance on third-party identity providers, giving companies more control over employee and partner data.
  • Implications: Organizations can establish trust without intermediaries, reducing costs and administrative overhead. However, they'll need to think differently about storing and managing user data and leverage consent-based, privacy-by-design practices. The shift may also require new key management and account recovery protocols.

3. Remote Onboarding Turns Fully Digital

  • Prediction: Organizations will fully transition to digital onboarding processes, leveraging biometrics and remote identity verification technologies to securely verify the identity of new employees, partners, and contractors without physical presence.  Mobile drivers licenses and verifiable credentials become enablers for customer and employee onboarding.
  • Implications: This will streamline the hiring and contracting process, making it faster and more cost-effective. However, organizations will need to adopt stringent identity verification standards to ensure secure onboarding, potentially exposing them to regulatory scrutiny if these standards aren't met. Investments in high-quality identity verification solutions and the training of HR and IT staff will be critical.

4. Passwordless Authentication Goes Mainstream

  • Prediction: Passwordless authentication methods, such as biometrics and FIDO2-based solutions, will become the default for enterprise applications, reducing the use of traditional passwords.
  • Implications: This transition will simplify user access while decreasing password-related security vulnerabilities, like phishing and credential stuffing. Yet, organizations will need to ensure compatibility across a wider range of devices and operating systems and address concerns about the privacy of biometric data, which may require new policies and vendor assessments.

5. Service Desk Phishing Escalates

  • Prediction: Phishing attacks targeting service desks will increase, exploiting the trust service desk agents place in user-provided information. These attacks will focus on resetting accounts or gaining unauthorized access via social engineering.
  • Implications: Organizations will need to tighten service desk security protocols, including implementing identity verification not just multi-factor authentication for all account resets and using AI-driven anomaly detection to identify suspicious requests. Increased training for service desk personnel and a zero-trust approach for identity verification will also be necessary to mitigate these risks.

6. Shared Account Logins Become a Greater Concern in Certain Industries

  • Prediction: Industries reliant on shared account logins, such as manufacturing and maritime (e.g., cruise ships), will face heightened scrutiny around access management, as shared credentials represent a significant security gap.
  • Implications: Organizations in these sectors will need to move towards more granular identity management, leveraging biometrics, FIDO keys, role-based access control (RBAC) and user behavior analytics to detect anomalies. Adoption of identity orchestration platforms will become critical, enabling them to differentiate and authenticate users, even in scenarios where shared accounts are necessary.

##

ABOUT THE AUTHOR

mike-engle 

Michael Engle is CSO and co-founder of 1Kosmos. He is a proven information technology executive, company builder and entrepreneur, as well as an expert in information security, business development and product design/development. Mike was previously head of information security at Lehman Brothers and co-founder of Bastille Networks.

Published Tuesday, November 05, 2024 7:31 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2024>
SuMoTuWeThFrSa
272829303112
3456789
10111213141516
17181920212223
24252627282930
1234567