Authentication for the cloud is not one-size-fits-all
Sign-on security must adapt to changing conditions
Published 17:07, 26 March 12
Corporations and consumers must be aware that the levels of authentication provided are adequate and scalable to meet the specific transactional need. In other worlds, adaptive.
The Identity and Access Management (IAM) market is in a state of disruption, driven by the realisation that Identity, Protection and Trust must be intertwined at the core of any successful Cloud strategy. That said, technologies in the strong authentication space are being evaluated in a new light. For example, encrypting data at all levels of a transaction is increasingly necessary for many organisations as they evaluate cloud computing and an ever-wider variety of mobile devices and remote access scenarios.
Market disruption is being fuelled by deployment options such as PaaS/SaaS/IaaS and the consumer/corporate phenomena of BYOD. Add to that, Authentication as a Service (AaaS) has recently been added to the acronym lexicon.
Security offerings are multiplying to address these scenarios. Telcos are now entering the advanced authentication arena with services designed to provide multi-factor authentication to both consumers and corporate users. Verizon is an example here. Established security leaders such as SafeNet are transitioning to provide these services as well, demonstrated by the company's recent acquisition of AaaS provider Cryptocard. NEC recently announced they will implement CA Technologies ArcotID for their Cloud services. The list goes on.
This increased demand for strong authentication creates additional opportunities for vendors and service providers by creating offerings that are scalable and appropriate to the application. The opportunity to differentiate from the competition based on transparent yet sophisticated security mechanisms is crucial, since as always, ease of use increases the likelihood of market success.
Look for IDC's upcoming report: Corporate and Consumer authentication: Evaluating the State of Traditional, Cloud and Mobile for Authentication Products and Service.
By Sally Hudson