modernizing authentication (part 1)

Share

One of the perks of being in the IT & telecommunications industry is working with people who are using the latest technologies to bring new services to market.   About this time last year, I first came across the term “IDaaS” on Twitter, via a colleague at Orange Silicon Valley.  Since it was an  “as a Service” term I hadn’t come across before, I set about investigating what it meant, and how it fit in with other cloud services. 

My search brought me to Brice Renaud, our Product Manager for authentication services, who spoke with me about authentication, identity management and how those technologies are adapting to new cloud-based environments and the wave of personal devices and applications crossing into the corporate network as part of the growing BYOD trend. 

authentication – what’s at stake?

Almost everyone is familiar with basic authentication method of a username and password.  Unfortunately that level of authentication no longer makes the grade in today’s complex and distributed IT environments.

In the past year, several cloud services had massive password leakages, including LinkedIn and EverNote. More recently, corporate Twitter accounts are being hacked, re-iterating the need for stronger authentication methods across the board.

  • Google introduced  two-factor authentication in for all users in early 2011
  • Amazon did the same for the management of its AWS cloud service
  • EverNote is planning to adopt the measure
  • and rumors are that Twitter is as well

what solution?

Yet, while social accounts are important to a brand’s reputation (not to mention being near and dear to my day job), they’re not nearly as critical as the Business Process Management,  Enterprise Resource Management or e-commerce applications sitting within a private corporate network. And, according to Brice, and many other security experts, one of the most fundamental changes to make to improve perimeter security is to require multi-factor authentication for all users accessing a corporate network. 

Check back in a few days for part two of this post, when I’ll discuss how Identity & Access Management is adapting to cloud-based services and the importance of user experience.

Katie

image © Ben Chams - Fotolia.com

Katie DeTitta

I've spent more than 17 years in global telecommunications, and was formerly responsible for international social media activities at Orange Business Services. I enjoy making technology accessible to non-techies and I'm a strong supporter of flexible working.