Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
As someone pointed out to me last week, we're still spending an inordinate amount of time talking about authentication, and still trying to find a way to obviate the need for users to either memorize or write down lists of passwords and account names. Certainly that issue has come up in this newsletter a number of times over the past few weeks and months.
This all seemed to come to a head last week as I carried on conversations with Kuppinger Cole analyst Felix Gaehtgens and Metapass CEO David Dupouy, and as I read a New York Times column (Goodbye, Passwords. You Aren’t a Good Defense – note: registration required) and the various reactions to it on numerous blogs.
There is a lot of agreement that passwords are never going to be the best way to authenticate, no matter how strong we make them. Other authentication factors - biometrics, software tokens, out-of-band responses and hardware devices - are all better but require greater or lesser degrees of action on the part of users. And users, as most of us know, are more reluctant to change than a baseball player on a hitting streak. Getting the changes implemented is going to be a slow slog, but there should be steady progress. So what else should we be working on?
One area that Dupouy and I discussed at length was validation - ensuring that the account that gets created accurately reflects the true identity of the entity that it's created for. This step can overcome much of the identity fraud (what the popular press calls “identity theft”) that is prevalent today.
But we also mentioned - and Gaehtgens emphasized - that beyond authentication comes authorization. Getting people to the proper resources - the ones they need as well as the ones they should be allowed to access - is the next big thing. It’s time for the entitlement management people to take the center ring and show us what tricks they have. The audience is ready. Perhaps we’ll hear some amazing things at next month’s Digital ID World in Anaheim.
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.