The subject of security and authentication is often talked about these days. Driving this interest is the continuing onslaught of data breaches. At the heart of the matter is the disintegration of the aging password as a viable authentication factor. There is dismay and fear at every level, from consumer, to IT, to the board room.
Security for a Complex Modern IT Environment
To understand the underlying security issues, I recommend reading a series of articles from WeLiveSecurity.com on the four “A”s of account management:
- Authentication provides a way of identification. A person is who they claim to be.
- Authorization ensures that a user, once identified, is permitted to gain access to certain resources.
- Access Control limits user access to only the resources they need, but no more.
- Auditing provides a record of what a user accesses and when. This is helpful in monitoring, reporting and forensic purposes.
All of this is straight forward in concept but proves very difficult to carry out in practice. The modern IT environment is highly complex, which is characterized by:
- Varied systems with incompatible security plumbing.
- An increase in the number and type of individuals trying to access corporate data assets.
- The rise of cloud computing.
- A rapid growth of new endpoint devices that must be managed and secured.
Added to this complexity is change, constant change:
- New systems are frequently brought online.
- Expanding compliance mandates require new security provisions.
- New threat models demand new security methods.
- Corporate restructuring calls upon IT to reshuffle their inventory of assets.
All these changes require that access security be applied, by policy, to an array of systems and users. It is no wonder that data breaches continue to wreak havoc.
Managing this complexity while applying secure, policy driven access to all aspects of an IT environment can be daunting. However, there is a solution available that makes the complex simple. The DigitalPersona® composite authentication solution is specifically designed to give users secure access without obstacles — anytime, anywhere. Read more about composite authentication here.
To read the WeLiveSecurity series of articles, click here.
Chris Trytten has over two decades of technical and managerial experience in systems and security at leading companies in Silicon Valley, including positions with Crossmatch, DigitalPersona, Interlink Networks, Apple, Siemens and Amdahl. In his current position as Market Solutions Manager at Crossmatch, he is using his experience serving the Financial and Retail markets by guiding the product and market teams to address the security needs of these industries. Chris is the author of multiple security white papers and articles.