Current Filter: Security>>>>>>

   

The most exciting thing I see coming is the continued need to evolve ways in which to authenticate our trusted users, while simplifying the log-in process, decreasing the user interaction and lowering the cost.

Let's consider for a moment the emergence of wearable tech. Google Glass, intelligent watches and the continued evolution of the smartphone all lead us to a more consumerised 'always on' and 'always accessible' work environment. So how will the security market embrace these new and rapidly developing technologies?

BOND-STYLE TECH
We are already starting to see new technology coming to market to address the need for easier and more usable authentication. I have seen tokens that reside within a wrist strap and that validate a user's identity when used in conjunction with a paired device. There are also tokens that reside in iPhone covers to provide the same seamless log-on experience. Two years ago, this would have been perceived as James Bond-style tech, but now it is within the grasp of most of us.

In the business world, however, what authentication trends will most organisations be considering in the next twelve months? For me, there is one area of the authentication market that makes great sense when we consider the context of access from more and more connected devices: adaptive authentication.

This is a concept that allows an organisation to dynamically prompt a user for additional credentials, in the event that their level of trust does not meet corporate policy. For instance, the user could enter the correct credentials, but their request to log in may be from a geographic region where they don't usually work. The request may well be legitimate, but, by asking for additional credentials, an organisation can be surer of the trusted identity of the user.

PERSONAL IDENTIFIERS
The supplementary factor could be something as simple as prompting for answers to personal identifier questions. It could also require the submission of an additional one-time password which may be sent to a mobile phone or associated email address.

Looking ahead to the embryonic technologies such as Google Glass, it will be interesting to see to what extent authentication can leverage the data logged by this wearable tech. Using GPS to track the location of the user when logging on is a great example. If we know our user takes a specific route to work, or regularly stops at a coffee shop, or leaves their house at a certain time every day, then this is all data that could be addressed, analysed and used to build and determine the identity of our user, without necessarily intruding on their day-to-day activity.

The extent to which we are now able to capture a biometric snapshot of our users' lives –and then transform that into a security key that can be used to access our corporate assets – is an evolutionary step that will revolutionise the way we work. CS