Digital Identity means more than just capturing a username and password. It means how does that identity data become useful for other business purposes, such as providing unique digital experiences or dynamic security? It means knowing that your customer and employee data remains secure and private and in compliance with a host of local, regional and national regulations. It means knowing that the identity management solution that you select today will be both agile and future proof against the ever-increasing user demands and security risks of tomorrow.
Digital identity today is much more complex than it was in the past. At one time, a username and a password were all that was needed for a desktop terminal to access data on a server located somewhere else within the same office. That terminal and that system were physically secure within the perimeter of a building and virtually secure from the outside internet within a perimeter of firewalls. That is no longer the case. Over time, organizations have had to accommodate work from home or remote employees, and firewalls have had to become more porous because network requests today often come from different devices in different locations. The only constant is the user, so it is the identity of the user that must be authenticated independent of how they chose to access your network. Just authenticating against username and password is no longer enough.
The risks are higher today for organizations that do not modernize their digital identity solutions. Data breaches, for example, are on the rise in part because of antiquated authentication systems still in use. In our 2019 Consumer Data Breach Report, ForgeRock found that personally identifiable information (PII) was the most targeted data for breaches in 2018, comprising 97% of all breaches. The most frequent attack method was from unauthorized access, encompassing 34% of all attacks with industry verticals healthcare, financial services, and government being most impacted by cyberattacks. Organizations directly affected may face a loss in brand reputation if not customer trust; they may also be fined as the result of local, state, and federal regulations introduced worldwide. The General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States are recent examples. Each spell out specific penalties for violations of compliance and, in the case of GDPR, million-dollar penalties have already been assessed.
Your users certainly do not want to learn that their personal information was compromised. Yet they do not necessarily want to take additional steps to gain access to something they consider basic, such as listening to music or chatting with friends online. Balancing this requires a strong yet adaptive backend identity solution.
Given the myriad of interconnected device options available today, a modern identity solution must assume zero trust and therefore leverage additional data points such as geolocation, biometrics, device or browser fingerprints, or some other contextual information to authenticate each request for access. This requires intelligent authentication, a way to minimize interactions with known devices from known locations while gradually escalating challenges if the device or location is new or otherwise unknown. And it requires a modern analytic engine to interpret the inputs. A modern identity solution must collect a variety of unique data points for each user and then quickly validate all of that information not just against one but potentially millions of customers.
Users, too, have new expectations. They expect to enjoy seamless, frictionless, yet secure interactions with the accounts they have. They expect not to have to log in every time they access certain accounts; they expect those services to know already whether they are at home or at the office or using their prefered device. Users expect to have the option for social integration, the ability to use identifiers from popular social networks to vouch for their identity across other affiliated services. Additionally, with the increasing ubiquity of smart devices, users expect to carry their access and personal preferences seamlessly from their homes to their offices and to their cars– such as having their favorite music preloaded for them on whatever car they own or might rent. This requires a robust identity management solution.
The ForgeRock Identity Cloud
The ForgeRock Identity Platform has these features– and more. It’s able to solve the most complex identity use cases. We realize that’s not enough. That’s why we’re building the ForgeRock Identity Cloud. It will help our customers get even further ahead of the changes in the identity landscape, to be future proof, and do so simply, easily, all with one extensible platform.
Our ForgeRock Identity Cloud PaaS is the market’s most comprehensive identity platform as-a-service solution. It’s built with the same codebase and features of the ForgeRock Identity Platform and accessible through one central dashboard. Our ForgeRock Identity Cloud Express is our preconfigured SaaS. It offers a prescriptive solution to handle common Customer Identity and Access Management (CIAM) needs quickly and easily.
Now, whether you deploy ForgeRock on premises, in a hybrid or multi-cloud environment, or with the ForgeRock Identity Cloud, you can solve tomorrow’s most complex identity problems with a single platform.
*** This is a Security Bloggers Network syndicated blog from Forgerock Blog authored by Robert Vamosin. Read the original post at: https://www.forgerock.com/blog/cloud-series-ready-cloud-centric-approach-digital-identity