Thoma Bravo’s investment in the IAM and authentication space continues with another massive ($2.8B) acquisition of Ping Identity on the heels of announcing that it intends to acquire SailPoint later this year. I believe it’s a great transaction for both sides. Shareholders of Ping get a nice exit after the stock was trading near its IPO price recently and Thoma Bravo expands its footprint into the hottest segment of cybersecurity.
This move certainly provides a huge endorsement for the fast-growing authentication space. Ping, which had begun its journey in identity and access management with a focus on federation, had recently started dabbling in the passwordless space which is the future of authentication. The dramatic movement towards passwordless just makes sense. Passwords are a highly insecure method of authentication, and their intrinsic vulnerabilities account for 80 percent of all breaches. Adopting authentication methods without reliance on passwords can eliminate most of the breaches and account takeover (ATO) attacks for an enterprise. Furthermore, while the bad actors find a way to hack passwords easily, the good users waste a ton of their time trying to get in with cumbersome authentication methods. Forgotten passwords result in a significant burden on the Help Desk as well as productivity loss leading to the loss of millions of dollars.
There’s clearly a tectonic shift occurring towards passwordless authentication. A few months ago, Apple, Google, and Microsoft announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. According to the latest research report by ESG (Enterprise Strategy Group) and SecureAuth, Passwordless initiatives have become strategic, with 70 percent of organizations reporting they will start going passwordless in the next 24 months.
Although passwordless authentication is a good step forward, it’s a small step toward advanced authentication nirvana. That’s why SecureAuth recently announced a next-gen platform called Arculix, that goes beyond passwordless and delivers continuous authentication. Imagine a world where users log in with a simple biometric-based passwordless solution and after that, they are able to access the right apps and systems from any endpoint, cloud, browser, or other devices based on their profile and behavior. Well, imagine no more. SecureAuth’s Arculix provides all of this and more with its AI/ML-driven behavior-based risk engine that allows organizations to set up policies that provide strong security while making the user experience frictionless. Nirvana for security professionals, employees, and consumers.
We wish Ping the best as they go private. And in the meantime, SecureAuth will continue to work with Ping Identity customers to help them augment their solution with the Arculix platform, to provide true passwordless, continuous authentication throughout the digital journey of both employees and consumers.