By Stephen Cox
This is part one in a series of four posts on adaptive authentication and the KuppingerCole Leadership Compass Report.
Recently we wrote about the KuppingerCole Leadership Compass Report, which not only named us as an adaptive authentication leader, but rated SecureAuth IdP with distinction in all five categories of the report. If you haven’t checked the report out yet, we recommend it (download the full report here) – not because it praised our products, but because it offers a thorough deep dive into today’s market. If you’re looking to augment your identity and access management strategies with adaptive authentication, there’s no better resource to consider the solutions available to you.
The report also goes beyond ranking vendors to examine why adaptive authentication has become so vital to a strong defense. The need for improved identity security has accelerated for multiple reasons. Simple username and password based methodologies are no longer sufficient for most IT leaders, who are typically managing a complex tech stack of platforms across on-premise and cloud, protecting a diverse ecosystem of users, and facing off against skilled criminals. Stopping breaches is a partial goal for most organizations; the security technologies used must also be intuitive and user-friendly.
That’s where adaptive authentication enters the game. We’re all familiar with the cumbersome security methods of yesterday, such as hardware tokens or smart cards that get lost and are expensive to replace. We also know that users will opt for convenient workarounds rather than following a multi-step policy. Security teams have learned the hard way that more friction actually means less security when it comes to authenticating users.
The Benefits of Adaptive Authentication
Adaptive authentication fits the bill precisely because it offers a better user experience and enhances older methodologies like two-factor authentication. Behind the scenes, the solution relies on user and device-based attributes like geo-location, IP addresses, device fingerprints and other data to validate them against risk-based workflows. Those context-based tools distinguish between authorized users and possible bad actors. The user doesn’t perceive any of those steps, instead they quickly access the resources they need without being asked to supply their grandmother’s maiden name or a string of numbers from a hardware token. It's all about smoothly and efficiently confirming user identity without disruption.
Flexible adaptive authentication tools address the different nuances of user identities and environments, recognizing that some situations will require an authentication “step-up.” A good solution also provides teams with a range of options, such as phone/email/SMS based one-time passwords (OTPs), push notifications or push-to-accept. More sophisticated platforms can include behavioral biometrics to analyze physical behavior such as keystroke dynamics and mouse movements, and behavior analytics to analyze logical behavior, such as the historical region of the user, or usual time of day they are active.
The KuppingerCole report examines these authenticators and adaptive authentication methodologies, including SecureAuth’s tools. If you’re curious how different vendors stack up, you’ll find detailed comparisons in terms of functionality, user experience, flexibility and security. You can also consider solutions in terms of integration and on-premise and cloud enterprise applications.
The report is a must-read for any team serious about making a smart investment in their identity and access management technology – and a roadmap to partnering modern authentication technologies with effective security strategies.
Watch the webinar with KuppingerCole’s lead analysts, John Tolbert and me to get an insider’s view into The KuppingerCole Leadership Compass report and better understand how to evaluate and implement adaptive authentication here.