As Passwords Diminish, Mobile Efficiencies Will Increase

Contributor: Jason Koestenblatt
Posted: 02/08/2018
Image: 
Password Security

All good things must come to an end. And most annoying things are usually replaced with slightly less annoying items.

Such is the case with passwords. Ever since you locked your siblings out of the homemade couch fort in the living room as a kid, requiring a password for guests to enter, we’ve been accustomed to some kind of gatekeeping measure to obtain access to… well, just about anything of importance.

In the world of enterprise mobility, passwords have been paramount – the first, and often last line of defense between a user and his or her work data and functions. But then we made passwords predictable, which lead to malicious hackers figuring out how to get those credentials with minimal effort, and ultimately exposing the user and the enterprise to a host of problems.

See related: Securing Mobility With Next Generation Authentication

So here we are in 2018, and passwords are seemingly going by the wayside, thanks to new technologies like Next Generation Authentication, biometrics, and continuous behavorial authentication, to name a few. Not only is the plan for this pivot in mobile security going to make for better protections, but once all is said and done, workflows will become quicker and more efficient for employees.

“This year, 2018, is the year the world will start shifting away from authentication methods currently used in business. The FIDO Alliance is seeing success as solutions are emerging from Bank of America, ING, and PayPal, and enterprise application companies like Salesforce and Dropbox,” said ESG Global Analyst Mark Bowker.

FIDO refers to the Fast Identity Online Alliance, an ecosystem created for standards-based interoperable authentication, and includes board members from the likes of Google, Lenovo, PayPal, and Bank of America.

“Eliminating passwords combined with the power to produce strong authentication presents an ideal opportunity for IT vendors, which have traditionally owned the initial authentication process,” Bowker continued. “These vendors include Microsoft, which has owned Active Directory for many years; Google as it starts getting very sticky inside of enterprises; and Amazon as companies choose AWS services as the de facto choice for new applications.”

Bowker also points out that passwords are often arduous or difficult to submit via mobile device. In fact, passwords have become obstacles more than protective applications, hence the reluctancy to continue down this path.

“The most basic reason why we have smartphones with collaboration tools at work is to be efficiently productive,” said Brian Heemsoth, Senior Director of Global Security Innovation at Aetna. “But there’s a hindrance in the amount of security controls that must be put in place. Having email on your phone is great, but having to type a nine-digit passcode to access it isn’t.”

Mobile device manufacturers are now building biometric capabilities directly into the hardware, and by 2020 it’s expected that all smartphones created will at the very least have a biometric capability. The year 2018 will see plenty of new technological innovations, particularly on the mobile security side, but many will also go by the wayside. Passwords won’t be deleted completely, but the number of use cases will certainly diminish.

Jason Koestenblatt
Contributor: Jason Koestenblatt