Identity and Authentication Solutions Beyond Passwords, Pins, and Verification Questions.
Passwordless Authentication Experiences
As the demand for a reduction in password reliance continues, new identity and authentication solutions and tools are perpetually launching. Which of these solutions, methodologies or tools should an organization consider implementing? MorganFranklin can help an organization discover all of the options, budget, and best solutions that meet top priorities.
Biometrics: Effortless Authentication
Fingerprint, voice recognition, facial recognition, iris/eye scanning, and in-app or on network behavior mapping, are today’s most common biologically used sources for authentication. Typically used within mobile app environments to verify customers, but also prevalent in traditional security measures such as building access, MorganFranklin can evaluate and determine if biometrics is a solution an organization needs to consider implementing.
FIDO: Simpler, more secure passwordless logins
Balanced with a user-friendly and secure user experience through a simple action at log in, such as swiping a finger, entering a PIN, speaking into a microphone, inserting a second-factor device or pressing a button, the FIDO protocols use standard public key cryptography techniques to provide stronger authentication.
The FIDO Alliance currently has published three sets of specifications for simpler, stronger authentication: FIDO Universal Second Factor (FIDO U2F), FIDO Universal Authentication Framework (FIDO UAF) and FIDO2, which includes the W3C’s Web Authentication (WebAuthn) specification and FIDO Client to Authenticator Protocol (CTAP). The specifications are open and free for global use.
MorganFranklin will assist an organization in building a business case, buying in and implementing FIDO Authentication for simpler, more secure passwordless logins.
Zero Trust Architecture: Transforming how security is managed
“Never trust, always verify.” On track to becoming one of the major frameworks in cybersecurity, Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.
The biggest challenge in implementing the Zero Trust architecture is that it becomes a multi-year project for many large organizations, and many of the legacy environments simply cannot support the new framework. Building Zero Trust is a digital transformation activity, rather than a solution or tool implementation. MorganFranklin can take a seat at the strategy and planning discussion table, bringing in the C-suite to guide prioritization of which pieces of the environment move to the model and which can wait as legacy systems are retired and new environments move to the cloud.