Lessons from next-gen approach to user authentication
Enterprises could take lessons from the way identity is being managed in consumer applications, says Andrew Whittaker, practice lead at Ubusha.
Speaking at the ITWeb Security Summit in Midrand yesterday, Whittaker said that in the consumer space, users experience multiple applications as one unified application accessed by using a single identity.
"Many of these large cloud service providers, like Google or Microsoft 365, deliver siloes of applications with a single identity experience. Many of these providers are also allowing third parties to latch on to their single identity ecosystem, within phenomenally secure controls.
"But in corporates, users still experience disparate IT systems with multiple passwords and authentication," he said. "Shouldn't we be looking at a simpler, more secure next-generation approach to user authentication and user experience within our traditional corporate IT environment?"
Shouldn't we be looking at a simpler, more secure next-generation approach to user authentication ... within our traditional corporate IT environment?
User experience would be improved and governance and administration would be supported by developing a unified cloud services identity and harnessing federation services for single sign-on.
"Federation services is the modern way of tying identity together into one single identity," said Whittaker.
He noted that to cater for a variety of standards and existing systems and applications, vendor technology existed to provide token translation services between various stacks of federation standards.
"You need repositories of identity information, federation services and traditional access management, allowing users to come from any device and be able to seamlessly access any modern, cloud or legacy application, and at the same time allowing us to apply strong central risk and policy-based controls," he said.