Opinion piece: World Password Day is about more than just passwords: identity management is important too

Opinion piece: World Password Day is about more than just passwords: identity management is important too

Opinion piece: World Password Day is about more than just passwords: identity management is important too

Passwords have undergone an evolution in recent years and with good reason.

The trend of password recycling, as well as the endless possibilities for password theft, have made conventional passwords ineffective for the needs of today’s business environment.

In their place, other alternatives have emerged such as one-time passwords (OTP), two-factor authentication (2FA), multi-factor authentication (MFA), and even biometric authentication methods. However, when even facial recognition or fingerprint-based authentication have proven fallible, the reality that businesses must reckon with is that these methods alone simply will not be sufficient as a last line of defense against cyberattacks. malicious

Instead, the risks present today require a multi-pronged approach to protect identities and, by extension, businesses. A passwordless approach gives IT teams better control over the organization’s overall identity management strategy by eliminating compromised passwords as a vulnerability. The use of security devices or keys also improves employee convenience while reducing IT complexities. However, in a rapidly advancing era of artificial intelligence (AI)-based cyberattacks, where publicly available biometric information can be used to launch attacks, a passwordless approach alone is not a guarantee.

Instead, passwordless authentication methods should be integrated with intelligent, automated identity management solutions that increase enterprise security by ensuring the right level of access is assigned to the right users through a single digital identity. After all, the fact of the matter is that while passwords can be a gateway that can be exploited, malicious actors often break through enterprise systems that do not have privileged access practices.

This is especially critical today as organizations rely more than ever on third-party vendors and non-employees for contingency work. By controlling the level of access that both employees and non-employees have, companies can nip illegitimate attempts to access privileged information or systems in the bud, having visibility throughout their organization and, therefore, first knowledge of the activity. irregular.

Ultimately, companies are prepared to manage Explosive growth in digital identities.catalyzed by a growing reliance on the Internet of Things (IoT) and robotic process automation (RPA) technologies, as well as growing digital work environments. That said, moving toward a password-free future is just one piece of the puzzle.

For businesses to truly strengthen their overall cybersecurity postures and prevent password-related threats, it will be crucial to bring identity management into the mix.

Chern-Yue Boey is senior vice president of SailPoint’s Asia-Pacific region.

Leave a Reply

Your email address will not be published. Required fields are marked *