Mission

Search

Why Digital Identities are All About a Secure Customer Experience

Play episode

The modern worker needs access to multiple applications. And with every new piece of software implemented, the security and identity requirements grow exponentially.  Identity authentication is creating increasing headaches for IT professionals everywhere. Relying on usernames and passwords won’t be enough much longer.

“We’ve been using usernames and passwords as the primary identity feature for 50 years. I really have been working in my career to help change that and come up with a better way. When I think of usernames and passwords, I think that is a lose, lose situation. It’s a bad experience and it’s bad security because everybody uses the same passwords and doesn’t change them.” 

That’s Fran Rosch, the CEO of ForgeRock, a company that is helping users connect with the world and its software safely and simply with it’s A.I.-driven platform. On this episode of IT Visionaries, Fran explains how ForgeRock is pioneering next generation identity authentication that can help verify users through multiple passive data points such as domains, ip addresses, time of day, previous logins, concurrent logins, and many others. If his future comes into reality, you might be able to forget that username and password for good.

Main Takeaways

  • Under Pressure: IT organizations today are under immense pressure to not only create a secure and safe digital environment, but also where their employees feel safe. Today employees need to trust where they are storing their information, but that user experience must also be seamless.
  • What’s the Username?: For more than 50 years, usernames and passwords have been one of the primary features used to secure a digital environment. The problem with this process is those passwords have to constantly be changed in order to remain secure, which creates a poor user experience. An emerging tool when it comes to creating a seamless experience is using face ID.
  • Demanding control: Enterprises are now demanding control over where their identity lives. As more companies operate in the cloud — whether that’s a private or public cloud — they want their identity authentication to run separately and have control over it and not have to have multiple identity services based on where they’re running the technology.

For a more in-depth look at this episode, check out the article below.


Article 

Today, large enterprise companies have thousands of employees who all need access to hundreds of applications. And with every new piece of software implemented to make things easier on the employee side, the security side gets a bit trickier. Every new application adds another need for identity authentication and that leads to mounting headaches for IT professionals everywhere.

“We’ve been using usernames and passwords as the primary identity feature for 50 years. I really have been working in my career to help change that and come up with a better way. When I think of usernames and passwords, I think that is a lose, lose situation. It’s a bad experience and it’s bad security because everybody uses the same passwords and doesn’t change them.” 

That’s Fran Rosch,  the CEO of ForgeRock, a company that is helping solve this problem. ForgeRock helps enterprises connect with the world and its software safely and simply by creating a seamless customer experience while providing next-level security. On this episode of IT Visionaries, Fran explains how ForgeRock is securely connecting people to thousands of applications with a flexible platform built to scale and how we get to a single-pass login experience.

Today’s digital standards have evolved to the point that users now expect one-click access to checkout experience, documents, and sensitive information. But deciding who has access to that sensitive information can be a daunting task for large-scale enterprises.

“Identity is a lot about decision-making,” Rosch said. “Do I know who you are? Should I trust you? Should you get access to this? The ForgeRock platform allows our customers to collect a lot of signals and clues about that user to make a risk-based decision on whether they should get access [or not].”

But the truth is, companies across various sizes require multiple permissions a day. SMBs that employ as few as ten people could still use anywhere from 10-50 different cloud-based softwares daily and large-scale enterprises that employ hundreds of thousands could use as many as 10,000 applications that all have different layers of access needed.

“Those 10,000 applications create an amazing web of approvals and entitlements that have to be tracked [and managed],” Rosch said. “Things never say static, you’re always bringing on new employees or people are changing jobs or people are leaving the company. So the ability to track all of that is really difficult. And if you use an old rules-based approach, you can never manage that over time.”

For digitally-native companies, managing those passwords and rules might be easier than their legacy brethren that still deploy on-premises mainframe systems. But it brings the question to bear, will we ever get to the point where users — either in the corporate world or consumers — of having a single-password sign in? Rosch said we aren’t that far off.

“It’s all about layers,” Rosch said. “If you’re using the face ID to determine who you are, maybe it gets you 90-95% there. But the smart organization is also looking at other factors like the device that you’re coming in from, the types of transactions you’ve done in the past, your geolocation IP address, all of these things could be spoofed or broken to some degree, but in combination you keep getting a higher and higher confidence score.”

To hear more about how ForgeRock is helping to create a more seamless digital experience, while minimizing risk, check out the full episode of IT Visionaries!

To hear the entire discussion, tune into IT Visionaries here

Menu

Episode 268