Continuous Authentication: The future of Identity and Access Management (IAM)
Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.
Usernames and passwords act as a gateway. Insert another authentication step on top of these credentials and this gateway becomes harder to infiltrate. But once access is gained, how can the device or Web application be certain that the authenticated user is, in fact, the same person throughout the entire session?
For example, you may log in and walk away from your device, creating an opportunity for someone else to take over your session and thus, your identity. Or more commonly, you may hand the device to a colleague – a non-authenticated user – trusting they won’t do anything nonsensical or malicious. In fact, according to a survey by B2B International and Kaspersky Lab, 32% of respondents who share an Internet-enabled device with their relatives, colleagues or friends noted that they do not take any precautions in protecting their information.