CIOReview
CIOREVIEW >> Identity and Access Management >>

Five Solutions to Improve Authentication under COVID-19

Erik Hart, Chief Information Security Officer at Cushman & Wakefield
Erik Hart, Chief Information Security Officer at Cushman & Wakefield

Erik Hart, Chief Information Security Officer at Cushman & Wakefield

As the world adapts to the new “normal,” we know for sure that technology will impact our lives more than ever. Look no further than the rapid expansion of mobile applications for things like health checks, contact tracing, and location-based alerts as recent examples. One of the biggest changes we’ve experienced is the incredible acceleration of the virtual office, with millions of people working from anywhere, on any device. While that shift brings increased pressures for business continuity, it also represents a significant opportunity to better manage user identities and access and improve user experience.

As organizations continue to move to cloud-based systems—look at the growth of virtual meetings and collaboration tools like Microsoft Teams or Zoom in a matter of months—their ability to integrate and manage identities and access is vital. Provisioning and de-provisioning accounts and securing access, become key elements in keeping company applications and information safe from unauthorized parties, especially since many of these systems are open to the internet.

  The global pandemic—and the incredible speed in which it brought change to the way many people work—underscores the importance of having a flexible strategy that can be responsive to changing business needs, while supporting all types of user identities and maintaining security controls 

But what else should we be doing to make identity and access management a strength for organizations? It is time for us to step up our game and focus on what we should offer as solutions to improve the authentication experience:

• Federation of Access – Most organizations have to manage access to their systems or applications for employees but for customers, vendors, contractors, and others. Requiring a user to have multiple, disjointed accounts can be cumbersome and can lead to significant operational overhead and security gaps. Federating identity systems, so each individual has a single identity source instead of multiple competing accounts, can reduce potential gaps in security.

• Single Sign-on–With the continual expansion of various systems and utilization of software as a service, the ability to streamline accounts with single sign-on not only helps users but also significantly simplifies onboarding and offboarding processes. Having common authentication across platforms improves user experience and the ability to recover when nefarious activities occur.

• Passwordless Login–Many organizations have implemented multifactor authentication as the first step in mitigating risk to accounts; it is time to expand this technology. The elimination of passwords and utilization of alternate methods of access like challenge prompts and facial recognition allows for greater security with significantly less friction for authentication. In most cases, solutions like this exist in platforms organizations already own, and as such, require little investment to implement.

• Conditional Access Policies –Validating a user’s identity is more than just a username and password. Platforms can perform analytics on behaviors, make correlations based on access times and locations, and analyze devices. When thinking about your identity strategy, think beyond who and learn what can secure your environment.

• Unification of Physical and Logical Access Controls–With technological advancements and the increased deployment of sensors, there is greater integration of physical and logical access controls. Companies can integrate keycard access and even an employee’s phone and its location to allow a person to login to computing resources. These technologies are worth continual evaluation as they mature to see if they can add value and security to your business.

The days of investing security dollars in firewalls, intrusion detection systems, and other hardware devices are quickly fading as organizations opt for protections that can be customized to a specific user or integrated with important pieces of information. The global pandemic—and the incredible speed in which it brought change to the way many people work—underscores the importance of having a flexible strategy that can be responsive to changing business needs, while supporting all types of user identities and maintaining security controls.

Read Also

"Well, How did I (we) get here?"

Louis DiModugno, Chief Data Officer with HSB
How to Build a Techforce

How to Build a Techforce

Christian N. Schmid (Managing Director and Partner), Raffael Kazda (Associate Director), Daniel Wagner (Manager) and Annika Melchert (Senior IT Architect), all core members of the Banking Practice Area of BCG and BCG Platinion
Data Archival - Rest in peace

Data Archival - Rest in peace

Himali Kumar, Director Data Management, AutoZone
What Does RBG's Death Mean for the Investing World?

What Does RBG's Death Mean for the Investing World?

Jenny Abramson, Founder & Managing Partner, Rethink Impact
The New Bridges and Barriers to an Integrated World view

The New Bridges and Barriers to an Integrated World view

Brandon Beals, Director of Data & Analytics, Dot Foods